mobcup.net Open in urlscan Pro
104.26.1.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Submission: On July 13 via manual (July 13th 2023, 2:12:21 pm UTC) from AU — Scanned from AU

Summary HTTP 124 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 124 HTTP transactions. The main IP is 104.26.1.174, located in and belongs to CLOUDFLARENET, US. The main domain is mobcup.net. The Cisco Umbrella rank of the primary domain is 78089.
TLS certificate: Issued by GTS CA 1P5 on July 7th 2023. Valid for: 3 months.

This is the only time mobcup.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

The Sims 1 - Burglar.mp3 50 KB audio/mpeg

SHA256: 7032d7061ab46d0594ce5070e99c28c768cf51067b29c6ffa930553ab5a6edd6

MIME: Audio file with ID3 version 2.4.0, contains:MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo

Size: 50 KB (51278 bytes, 100% done)

Downloaded from: https://mobcup.net/d/udbtt868/mp3

Domain & IP information

	IP Address	AS Autonomous System
6	104.26.1.174 104.26.1.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	142.251.220.130 142.251.220.130	15169 (GOOGLE) (GOOGLE)
1	142.251.220.200 142.251.220.200	15169 (GOOGLE) (GOOGLE)
1	142.251.220.170 142.251.220.170	15169 (GOOGLE) (GOOGLE)
3	142.251.221.14 142.251.221.14	15169 (GOOGLE) (GOOGLE)
1	64.185.181.238 64.185.181.238	40009 (BITGRAVITY) (BITGRAVITY)
4	142.251.220.195 142.251.220.195	15169 (GOOGLE) (GOOGLE)
30	142.251.221.34 142.251.221.34	15169 (GOOGLE) (GOOGLE)
3	142.251.221.2 142.251.221.2	15169 (GOOGLE) (GOOGLE)
1	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
8	142.251.220.196 142.251.220.196	15169 (GOOGLE) (GOOGLE)
2	142.251.220.174 142.251.220.174	15169 (GOOGLE) (GOOGLE)
1	108.158.213.7 108.158.213.7	16509 (AMAZON-02) (AMAZON-02)
1	18.172.16.183 18.172.16.183	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.220.161 142.251.220.161	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	54.179.25.195 54.179.25.195	16509 (AMAZON-02) (AMAZON-02)
6	142.251.220.226 142.251.220.226	15169 (GOOGLE) (GOOGLE)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
17	142.251.221.33 142.251.221.33	15169 (GOOGLE) (GOOGLE)
124	30

6 104.26.1.174 (None, )

ASN13335 (CLOUDFLARENET, US)

mobcup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s01-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.220.200 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.220.170 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.14 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.181.238 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b.bitgravity.com

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.220.195 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.221.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.2 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s02-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.220.196 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s03-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.220.174 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.213.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-213-7.mnl52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.16.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-16-183.mnl52.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.220.161 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f1.1e100.net

26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.25.195 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-25-195.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.220.226 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s01-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.221.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	388 KB
33	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	703 KB
15	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670	18 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	337 KB
6	mobcup.net mobcup.net — Cisco Umbrella Rank: 78089	72 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388	529 B
3	gstatic.com fonts.gstatic.com	24 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	84 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	361 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 405
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1953	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	902 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 20481	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	462 B
1	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 40448	633 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	924 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	54 KB
124	23

	Domain	Requested by
30	securepubads.g.doubleclick.net	cdn4-hbs.affinitymatrix.com securepubads.g.doubleclick.net mobcup.net www.googletagservices.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	mobcup.net pagead2.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
8	www.google.com	mobcup.net securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.googletagservices.com	securepubads.g.doubleclick.net
6	mobcup.net	mobcup.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	mobcup.net www.google-analytics.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects mobcup.net
2	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	gum.criteo.com	static.criteo.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.google.com.au	mobcup.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn4-hbs.affinitymatrix.com	mobcup.net
1	fonts.googleapis.com	mobcup.net
1	www.googletagmanager.com	mobcup.net
124	35

This site contains links to these domains. Also see Links.

Domain
mobcup.page.link
forms.gle
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
mobcup.net GTS CA 1P5	`2023-07-07` - `2023-10-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Frame ID: 56A5ECE47697BA9A36D71004BD00EF42
Requests: 48 HTTP requests in this frame

Frame: https://mobcup.net/d/udbtt868/mp3
Frame ID: 8D408E9DCD7F117B85A916ABA4500801
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 281EDB759A27BC28E9B420AFDE1473C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892854550481168&output=html&adk=1812271804&adf=3025194257&lmt=1689257532&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689257530114&bpp=3&bdt=1333&idt=2242&shv=r20230711&mjsv=m202307100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7197855716938&frm=20&pv=2&ga_vid=251710271.1689257531&ga_sid=1689257532&ga_hid=189765915&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=2744822836116702&tmod=1235698266&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2263
Frame ID: 71652ABD2673DBA743A7D3443829A936
Requests: 1 HTTP requests in this frame

Frame: https://26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C04505399815ECCE40F2E87942AB547
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW_-8Arjwm1eVodW_aRpq6puQjkm7QM9ibCL5YnoB9bQoAuxO4f3vA0b7LmFHVdEw0qjSvOqpe8yIUaYx386qMCUmD_eCHH5_aN6SdNYUsVX0v6NzvPzYKVnY7oK8SiSG3eArrvMBA2W5KxC538JxRmtMe75Ma0c_NYWt2-EUoP8oKHZnHE42PSX9hKJJPc0VQU3fT4HxENReQMSSoFGfh8RXMjwr50wriK1X9N9ZLaLPoISWBausiN8lBKSuX2220kO5y1VONEvOgSbkndJ3FV6vHNIF2E6Y9WbiBiuqp8hjvpKgIADfmIzHmZUQt2BxB6xeNxxwbXlB9M8yMAb6WIt0m&sai=AMfl-YTlI_kWj4rEY-PRfhAlCNln-T7vfbrJEk_ZtQX7w_iwsnxe9dpr2q5kK03uLn8wCzY8LfAbP1VEDlhy_1Sz-0l8LngaLZVAI2Za1unVGT5p17J3WKLCZmSPvWfmyg&sig=Cg0ArKJSzAkS8DwLPKWOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 63A43DD2B935ABBA6FB2808854CE82AA
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mobcup.net
Frame ID: 2CDB93992CD1305A2A5F31808F8C4567
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7CE607D7EF40165C5C62A132E972E4ED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLUgF2dO4Ha6EhNei1cZ49M9rit-_RqEozlpsgTXjasA5DuyVSkae2tYciN4honRjM6NkmMDEiO708sKF9B3tgSlkrtpDvRoUzTF0hfO4BVZsgZ_en_-0golXe9AwwsTZaBRpzT8mYzg7OmondkvOdtoPj8qyL-xpsPSLIADXHOSoeEKmMlOBHGdr9GttZmYSuJpBMSQmrOpoIEJjmzPqy92MCJBn-ea1j-7ap4XBrxUJbXpu8Tdd85dGKoanVcc5bK_GeUS8If-HFwSi2FEJNGoVL502yjITsjr4ZgpIUsEn0-2e3pupQaRjCg-EW6bDGsOQHW66dJ98P1aXu5eGCEogOQQ&sai=AMfl-YQZaRlfevLfMdloGAoWgsadbTdQUduLJAfcXmqrV6hekpandduYFS1yTvIgFB34r4p2XAZxivXwjoKteXWPghSHVNZ4FYLMnbcuygvDvx6OZw4NGVdHxLuB1mxaBQ&sig=Cg0ArKJSzAWZfzmJy4qyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B58E408703C14C7438B4D59D097BC579
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkYN7As7fh2UMlaIa_uDFCg51UnB2ik-1V8i_MORyzyVUKHA0rP94NnVjIL_oIn2IAUymhtd_WRi_2TpfcCuhl3wMo9A7L4bOBaDjty1vMcAobO2iWWM3bmLC8nzDokEJYGRI8w3lVn3ajwQpAQwaLlEI-6ofzDfYkVU4Ee5RuW_q-mwVa36k_WJ1XyV25U4PG0nfqsk5ty9Rdvv5TIgw0d59t61UuJuob9eNv_2YZ7t-7yRXFxN7-KiOPTpgJ6iFlbK75tg03r00z7LwtCTJy8SagIDj6AWmtT06hW33rlC9SMQY1sXDuHcW0HnxVO4p3Ds8xBS-E8icH_INayH4sZKA&sai=AMfl-YQRL9v15nJrUaI_2k-h0fKYnzx4tLyNEITTobld5iGXSc1tkRcQnZl_s5RBDnZ4dGUQcsjadjYmoQ5juRaCUK93f8_ZIZ29YKu0VaIHQd1wZbjowj0u1M9gAfYzlA&sig=Cg0ArKJSzA8zgUd48k8xEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 541C584B358DECDB084D12E55F39757A
Requests: 13 HTTP requests in this frame

Frame: https://cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1DEB42FACA8E4F405F24F69456F03ABB
Requests: 1 HTTP requests in this frame

Frame: https://c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 20F3BBBA5BCC17C0FEDA4F52239F75D0
Requests: 1 HTTP requests in this frame

Frame: https://d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BED329D37ABE805E69268927054D542E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm42A9tE6-WvgkUSkizHFvCEadzkBf1UX5BpXfGL7Ga_ay3hXosF6WNhvZmDcGL4yZ1r_qzBHqduyxKFxknMrpuH13M5DB4VpPKXL5nXDpxeM7EdbOtfFeVgZxNVMUaRkKi4si0H9vu_twnClb1VfYZwsJEktUkZkrr5oVodNEvKHPycA9Kl3GdB6K2SmRBLBfn09ZdTc8C9Wk70yW1OsXMFw1dSXzABtiZuhrPu4WlG90o-_D5l-QM5BJEnujys696p2Ezutmgwf-IEKCnoL6JI98Bxx8ZGGOUXH7zi9AtguY9_0kY8zoLT50KI4aQG9CAgGexi6GAgYwQ7F1faNJwj0&sai=AMfl-YRX0hNsFBT9sn8M24MUu-dAkVGkgDkN1HukcjLo8pZ4TJafr4evqhv9vi_BA4WnYjaS65e2X0PEOAhraFowCMi9pBcEthn2G6XW1l7Qvj-2VXiOvXw-MuLJwjzMHQ&sig=Cg0ArKJSzPVG2_f0tx1bEAE&uach_m=[UACH]&adurl=
Frame ID: 710D2B81D0A3515B3E9F80587ADC50B2
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUq7EK-DzjN6WhlGI7AZLmu7v9rogJi1mnoDcyDYPwRWQdke1zQp1M2Y3UzO4bGoKAB7hG-etMvI2pwM7Y8mA0YTT_6RNdSU35PpxAn37xQH-Yi2PT1MUHT9Df7SeM64dTOBTunC1fIqU7lq5Tc8l_J8ueT1DNUj-tAjJohue3FmZphaV9cTzdXlFpBietH0VHv50uHFo5AmEZw5UA1s7bAHTtXZ-7ei-nEjkb0-_CS3Bk7PQFBe3M7pAaMUlWWTitD_RhuZh0mEJ9RYQ7SO4vTgVD2TnU_dzC0HtW-2o4LEWaIuj2LVpZbQcmACQVKRnN_pJVp_Hestb1O97xKnKqG2U&sai=AMfl-YRCYPDrdE89SRcbLlSXoeAZxLWNeq_vHVOXGa1jM166NdgGIw6v6SMi38cO5bW7f5ufq1h1X6BI2kR0fMfPxPHIwxckIaW0yDgBagcPmKj_3sCYqoRIklSx4w55lA&sig=Cg0ArKJSzC_wO1vGBF64EAE&uach_m=[UACH]&adurl=
Frame ID: 25F6378D9CFFBEAC9CAC96E7B76A1739
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP9Bs9V6WKJk3CXbdGLi-soWNEEFmoGyHvLv6lYnYIxFZ-20bUR2O3CoxAAiPVieaDacmlC5fob7bxjviLQ3g0tpE5z5m1PYqvUqPAO5YLPnI98hKtOauDyOi7b21Wgbcs-FjputIv7dT3FN73ywnmpdnfyjTU2zz7FHR0bBPmkJXa-TN2478DKAHwTAHr7D07XoAgKitQosafo1pP3yEnDTEZxnM5qFuSkM8XB89rKoEWcxUMTZbwbJr46VbKcv1zbJSMIiaMlCxsUfXzYGbQdG_-PczEboRQbC6MF6RIFCYam6J9sumrbwwPcXYiRYs6uAzcZ7LJ14NNmaxehxHIldM&sai=AMfl-YT-Wbo3sfudJRGWO90n3fk_gyJVbZ5xsxcVIp7VcRZG_q6QPeg8sOAoxK8zKMPKsBz-T_uXU0RW9kE9l4i-3g2UN4Dvn5qHy2fYHsXOKvjOymu59Y5aFnf9DvooMA&sig=Cg0ArKJSzNtut4u00SYcEAE&uach_m=[UACH]&adurl=
Frame ID: 88461B7FF73BEE180FB3ADDA468BA541
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AB95F7B2AA194B0474876A51A0CE35F4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3124BFE377C65E2A48D9935B777AD5EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 99D55579546B94E7FED10CF1326A183C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFD7DD942021BB6A788699E8CDA923C4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 54469730B870C72AEBB1418F1E86AB6D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2140FDF39DF6742AA1CBD1B2775CFB4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D9B04765A1624285085629DD02FE9D17
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44A95184FF41E1B280EC6288D90F29F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Sims 1 - Burglar Ringtone Download | MobCup

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

124
Requests

99 %
HTTPS

0 %
IPv6

23
Domains

35
Subdomains

30
IPs

4
Countries

1751 kB
Transfer

4939 kB
Size

23
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://mobcup.page.link/?link=https://mobcup.net/&apn=net.mobcup.android&utm_source=Dmobcup_net&utm_medium=Dweb
Title: Open App

Search URL Search Domain Scan URL

URL: https://forms.gle/uwJL8UuHunCtnnio9
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MobCup/

Search URL Search Domain Scan URL

URL: https://twitter.com/mobcup

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMSwfIbSU2La6TcMAsqu6iw

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mobcup_app/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?app_id=245462775482956&u=SHAREURL&display=popup&sdk=joey

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?refer_source=SHAREURL&text=SHAREURL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://oajs.openx.net/esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp&cc=1

124 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mp3 Show response
mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/ 68 KB
22 KB 884ms
399ms Document
text/html 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb47d6c84a66a543238d93bcc24402f1fba33ee34ed2481356d767f2fa3a535b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e621e808d4caacf-SYD
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 14:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: join-ad-interest-group=(), run-ad-auction=()
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7wq%2BxwGlQ%2BtKEsgzLGSJwOaRFcKZxgo6%2FFfigPnDqGXQvnPglvUb%2FE%2FqSpmaRgKea1iWmVpt2AW3dNEAu32iEgUhQIAiqZwf5rhxKs0%2B9EuHnSO63bQUyFojLs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 styles-f63497f748.css
mobcup.net/css/ 81 KB
10 KB 107ms
106ms Stylesheet
text/css 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobcup.net/css/styles-f63497f748.css
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b9c0e9829dc5c68c654a699b1bfdf434fe9ba732d7251dd1105b2ea8a79755

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504383
cf-polished: origSize=84560
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 17:28:35 GMT
server: cloudflare
etag: W/"64a84b43-14a50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xft%2B8PbbDkkEbyPOkg4zOkyvVgP0eKhBJiOkUI5%2Fbgympv7ylGkhSOk9yKmJ8MPKBT8o%2B0qjBHBBNJr7UrfpTPJklZGJOHyDCmKeYDMjw6F6K989YhJO7MI077c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e621e833fa4aacf-SYD
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 1017ms
258ms Script
text/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7892854550481168

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

6b0be94df05908708f85c23a7e96be6c816668799e62fc44011fd4e3e6be9527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://mobcup.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50391
x-xss-protection: 0
server: cafe
etag: 5109668059445168206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:09 GMT

GET
H2 200 header-logo.svg
mobcup.net/images/ 9 KB
3 KB 103ms
102ms Image
image/svg+xml 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobcup.net/images/header-logo.svg
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a3bb3c14ca36273364359c0b26003293c3b1ef5770f89388bb103e394f8162

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 20 Dec 2022 17:59:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17697540
etag: W/"63a1f809-25ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsCKVcspGxGRbCg37zLlScKQdjVfeTdaph%2FXk21s78WnY3QB6zY0JrBZiKxuPtiEiRI4E3EbjesYFmjko8DLo7f8O8HYHBEv8ZKqgn7bIf1PCqYEaWBzbe6MJqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7e621e83e86caacf-SYD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login-logo1.svg
mobcup.net/images/ 10 KB
4 KB 129ms
129ms Image
image/svg+xml 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobcup.net/images/login-logo1.svg
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ead67d138a41e6cf31c713f8fa7ef1439acc29f95426e0d19acbff037fa9a7c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 18:04:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17524323
etag: W/"63a49c41-27f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnLH6D4y8UtVJHIc4GMOly3FeJdCinIZrKXZBM5k9aGI8DvlYFCpKiCMLc23qOpB6YPUCPjf0KI1muCWEJ1Te6gb0ueBTeAq2hyd7%2FadL55ujLFYBBVkmmryn08%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7e621e88ed1faacf-SYD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
54 KB 1020ms
247ms Script
application/javascript 142.251.220.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNV4V4B

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

786f35873226d54693fcf4e338b1f6b16643ffd83e9e2c8f98fdbd890585b3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54673
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jul 2023 14:12:10 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
924 B 799ms
249ms Stylesheet
text/css 142.251.220.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Requested by

Host: mobcup.net
URL: https://mobcup.net/css/styles-f63497f748.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f10.1e100.net

Software

ESF /

Resource Hash

95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Jul 2023 14:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 12:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jul 2023 14:12:09 GMT

GET
H2 200 app-scripts-85c9c18958.min.js Show response
mobcup.net/js/ 94 KB
33 KB 103ms
103ms Script
application/javascript 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobcup.net/js/app-scripts-85c9c18958.min.js
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c7f8c941c072a5d5ad1bcbbf147dfabc082bb995e3f495b8e5b30306bb50104

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 12:08:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 523587
etag: W/"64a80053-1779b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz7R%2FCjKPXLYv2duKgp1cJoGn7ET32ZLaJ%2BlHSyhWc5S9cn%2BIC1kdiR8KDE2FxHvXsO%2BhbzHNIDuoq1pOFfA6P2VVa9veG81merQ5UutHl8NOoL4IgM1YeOwxwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e621e88ed1baacf-SYD
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 987ms
214ms Script
text/javascript 142.251.221.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jul 2023 13:13:31 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jul 2023 15:13:31 GMT

GET
H2 200 affhb.data.js Show response
cdn4-hbs.affinitymatrix.com/hbcnf/mobcup.net/13614/ 372 B
633 B 328ms
93ms Script
application/javascript 64.185.181.238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hbcnf/mobcup.net/13614/affhb.data.js?t=13614
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b.bitgravity.com
Software: v/6.7.4/6.5.22/v3syd1-www /
Resource Hash: 54dab4363894dd28d6191b95dcb110da747afc4c70050b11c061ce1409f9a815

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-version: 9
date: Thu, 13 Jul 2023 13:58:02 GMT
content-encoding: gzip
x-real-ip: 66.203.112.167
server: v/6.7.4/6.5.22/v3syd1-www
age: 847
x-tata-request-id: 681fa581f8dd62728a543e3fd677a8a2, 681fa581f8dd62728a543e3fd677a8a2
vary: Accept-Encoding
x-cache: HIT,v3syd1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 276
expires: Thu, 13 Jul 2023 15:12:09 GMT

GET
DATA 200
OK truncated
/ 550 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b561a925e30fdbb03634056a4dd62713cae6e3bdbe711feb2e1ee2370a92259

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b45d71f4ee120b4d07f0f5b5763eb4e6763700bcb738aa292ce2c19d7609f7f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 1003ms
237ms Font
font/woff2 142.251.220.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobcup.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 09:28:36 GMT
x-content-type-options: nosniff
age: 449014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 09:28:36 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 842ms
215ms Font
font/woff2 142.251.220.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobcup.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 05:24:39 GMT
x-content-type-options: nosniff
age: 463651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 05:24:39 GMT

GET
H2 200 mp3
mobcup.net/d/udbtt868/ Frame 8D40 0
0 406ms
406ms Document
audio/mpeg 104.26.1.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mobcup.net/d/udbtt868/mp3

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.1.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7e621e89dde3aacf-SYD
content-disposition: attachment; filename="The Sims 1 - Burglar.mp3"
content-length: 51278
content-type: audio/mpeg
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jul 2023 14:12:10 GMT
etag: W/"c84e-164d86e3e88"
last-modified: Thu, 26 Jul 2018 21:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: join-ad-interest-group=(), run-ad-auction=()
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sh2JbcDlBLMLCgWUQizkSSettf304WK0z7AQ5VL93SfpGOAvptY%2BvJ0xnLhW2CRnB%2BmqiOgYX0bJATE8YGR17gIjiIw%2Bg%2Fj6x9SIq0xD73ypAzqsXEyr8e%2Bx7O4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 885ms
265ms Font
font/woff2 142.251.220.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobcup.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:50:33 GMT
x-content-type-options: nosniff
age: 444097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 10:50:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
26 KB 1021ms
252ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hbcnf/mobcup.net/13614/affhb.data.js?t=13614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

c7703fc51aff7f6d0697d642e5af3ee9009da1de0638232950b75ff712ad18bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25722
x-xss-protection: 0
server: cafe
etag: 917 / 19551 / m202307060101 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:11 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/ 356 KB
123 KB 1068ms
309ms Script
text/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7892854550481168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

9cfdc8d26510003ab8b5ad5616596a100cd603bb30aa4260ed8ba456b1e5fbe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125017
x-xss-protection: 0
server: cafe
etag: 4638443573556669918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 281E 0
0 974ms
213ms Document
text/html 142.251.221.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7892854550481168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 72012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 18:11:59 GMT
etag: 12368291122986407432
expires: Wed, 26 Jul 2023 18:11:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 178 KB
63 KB 286ms
285ms Script
application/javascript 142.251.221.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MNWSNNR&cid=251710271.1689257531

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

301793769e8f62e736557a1761d62a481ebc0e7b63b399588b8a31e69a7a8a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jul 2023 14:12:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
178 B 245ms
244ms XHR
text/plain 142.251.221.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=189765915&t=pageview&_s=1&dl=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&ul=en-us&de=UTF-8&dt=The%20Sims%201%20-%20Burglar%20Ringtone%20Download%20%7C%20MobCup&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1764587650&gjid=1908381955&cid=251710271.1689257531&tid=UA-902909-24&_gid=167404280.1689257531&_r=1&_slc=1&z=1795831062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
349 B 864ms
186ms XHR
text/plain 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-902909-24&cid=251710271.1689257531&jid=1764587650&gjid=1908381955&_gid=167404280.1689257531&_u=KGBAAEACQAAAACAAI~&z=1185929148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 13 Jul 2023 14:12:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ 392 KB
125 KB 214ms
213ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 17:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76043
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127592
x-xss-protection: 0
server: cafe
etag: 1084883806831873288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Jul 2024 17:04:49 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
1 KB 1001ms
244ms XHR
application/json 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

2b638c5404341e6acfc88b941f89942fd556644aafd936975facdc1a6e46f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 505
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
462 B 246ms
245ms Script
text/javascript 142.251.221.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mobcup.net&callback=_gfp_s_&client=ca-pub-7892854550481168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6cf0ad72503f6049383fed9f5001dcf19ad21296278fe92f50cbb2f7f0073951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 1005ms
246ms Script
application/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobcup.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 287ms
287ms Image
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sticky-bottom&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7165 0
0 648ms
647ms Document
text/html 142.251.221.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7892854550481168&output=html&adk=1812271804&adf=3025194257&lmt=1689257532&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689257530114&bpp=3&bdt=1333&idt=2242&shv=r20230711&mjsv=m202307100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7197855716938&frm=20&pv=2&ga_vid=251710271.1689257531&ga_sid=1689257532&ga_hid=189765915&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31075758%2C44788442%2C44796476&oid=2&pvsid=2744822836116702&tmod=1235698266&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2263

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4828
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:12 GMT
expires: Thu, 13 Jul 2023 14:12:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 1005ms
246ms Image
image/gif 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-902909-24&cid=251710271.1689257531&jid=1764587650&_u=KGBAAEACQAAAACAAI~&z=584783659

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 1012ms
250ms Image
image/gif 142.251.220.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-902909-24&cid=251710271.1689257531&jid=1764587650&_u=KGBAAEACQAAAACAAI~&z=584783659

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 19 KB
8 KB 979ms
424ms Script
application/javascript 142.251.220.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f14.1e100.net

Software

ESF /

Resource Hash

47cb9d4c76a7cd55cbe4d252cdede00fa93a14b6c2398cd728255a35f62876e7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PFvRuQ-Tts9BrvHYQ1dcuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PFvRuQ-Tts9BrvHYQ1dcuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-7892854550481168 Show response
fundingchoicesmessages.google.com/i/ 19 KB
8 KB 731ms
268ms Script
application/javascript 142.251.220.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7892854550481168?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f14.1e100.net

Software

ESF /

Resource Hash

47cb9d4c76a7cd55cbe4d252cdede00fa93a14b6c2398cd728255a35f62876e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xe8EZuhiq0pzLGlhTO8_kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-xe8EZuhiq0pzLGlhTO8_kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 246ms
245ms Script
application/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 683ms
230ms Script
text/javascript 108.158.213.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-213-7.mnl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 05:39:03 GMT
content-encoding: gzip
via: 1.1 66fef0a76f55f5a7df6cfec56e73983c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MNL52-P2
age: 30792
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7NM4YHnteibVIAKdnnyvnFA1_GRtHz4itxDEymGRiDssvDVtfe6gHg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 949ms
213ms Script
text/javascript 18.172.16.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.16.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-16-183.mnl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 13 Jul 2023 08:15:44 GMT
Via: 1.1 77ed6e27c5ae2d8e96b54a4ebdd2ed2a.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MNL52-P1
Age: 21390
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: FJsnDY9KGEhDwj6k08vJwvmNYxw9kad2BGb2JW6sACd0Y0tKyGKaSQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 565ms
371ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: a9ef59424f360afdf07f0e89e3c8f712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 287ms
94ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 18:00:01 GMT
content-encoding: gzip
age: 2146333
x-guploader-uploadid: ADPycdvAvAVQKBueilrdcGL9N2clIlkI3Alcsg1D6I8AXzMK57ZMTC_wo0DGWrZOvJNuu-Jc4-7KWHFZ9EnprmzvdCTaxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 18:00:01 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 900ms
226ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 14 Jul 2023 14:12:14 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 1002ms
231ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jul 2023 14:12:16 GMT
x-content-type-options: nosniff
content-encoding: br
age: 10340
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bfi-kbfi7400094-BFI
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 616ms
111ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: H9BC1ES5RWEWWYHP
age: 1651
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e621eb0caa6a959-SYD
x-amz-id-2: KlWUSfxDnSaJ83GABAuftQK+dytlFEk2u9ovPNCYdAQ1K6rV/UxY20fFt3udoQdZdbkk7iKAAfc=

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 301ms
100ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 62174
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e621eaedb2ca871-SYD
expires: Fri, 14 Jul 2023 14:12:15 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 1577ms
1576ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2744822836116702&correlator=500070334113037&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=38047625%2CMC_Ringtone_Desktop_ATF_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x50%7C728x90&ifi=2&adks=4152034657&didk=886307034&sfv=1-0-40&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257533988&lmt=1689257533&dlt=1689257528781&idt=3786&adxs=315&adys=48&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&frm=20&vis=1&psz=1600x100&msz=970x-1&fws=0&ohw=0&ga_vid=251710271.1689257531&ga_sid=1689257532&ga_hid=189765915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

f874fb54f269b5c7cf1c28818e906d9fc5a4f5a4464f3d1ab53b65795e92d2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11698
x-xss-protection: 0
google-lineitem-id: 6315077202
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138435621973
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 1135ms
1134ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2744822836116702&correlator=500070334113037&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=38047625%2CMC_Ringtone_Desktop_PD_MID_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C320x100%7C320x50%7C728x90%7C970x90&ifi=3&adks=1709037306&didk=811526347&sfv=1-0-40&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257533996&lmt=1689257533&dlt=1689257528781&idt=3786&adxs=315&adys=297&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&frm=20&vis=1&psz=1600x403&msz=1568x250&fws=0&ohw=0&ga_vid=251710271.1689257531&ga_sid=1689257532&ga_hid=189765915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

842fd4eb0b4f4d064ef1228a5807bf4dfb0020e76ef90eaa3d0b201f3cdbc6f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11719
x-xss-protection: 0
google-lineitem-id: 6315077208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138434929833
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 689ms
689ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2744822836116702&correlator=500070334113037&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=38047625%2CMC_Ringtone_Desktop_Sticky_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x50%7C728x90&ifi=4&adks=2830307924&didk=876330480&sfv=1-0-40&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257533999&lmt=1689257533&dlt=1689257528781&idt=3786&adxs=315&adys=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&frm=20&vis=1&psz=1600x-1&msz=970x-1&fws=512&ohw=0&ga_vid=251710271.1689257531&ga_sid=1689257532&ga_hid=189765915&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

74de6d8c7ed46e0d52dba31616016ed78164797f392ad24dd5e0de46b450280f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11738
x-xss-protection: 0
google-lineitem-id: 6315077217
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138434932464
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C04 0
0 1018ms
246ms Document
text/html 142.251.220.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:14 GMT
expires: Fri, 12 Jul 2024 14:12:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp&cc=1

85 B
202 B

270ms
270ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp&cc=1
Requested by: Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c3adc75ed9524a350b873a3a5d67c8de3423aa8d00cc51d94bcd7fc9beb0e85c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-7tU2y6pCYAX7zBxee1gQ0fukeZQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mobcup.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 13 Jul 2023 14:12:14 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mobcup.net
location: /esp?url=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 569ms
374ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mobcup.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://mobcup.net
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 13 Jul 2023 14:12:14 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 72e5ec64611cb7bca4abf90444327d01

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 265 B
361 B 381ms
380ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2ede4e9c72ee12c846507030c4f5e63d0ed738d38709e164451bd1b2b42819b7

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a25f1b9d7fd8ff8e4db4233e675a886d
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
690 B 582ms
201ms XHR
application/json 54.179.25.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.25.195 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-25-195.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cc88bbe4cf3dda43923d30b252a693e8b0321682d807d435e270ea63dd2c09e3

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mobcup.net
cache-control: no-cache
x-server: 10.42.9.240
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63A4 0
0 247ms
247ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW_-8Arjwm1eVodW_aRpq6puQjkm7QM9ibCL5YnoB9bQoAuxO4f3vA0b7LmFHVdEw0qjSvOqpe8yIUaYx386qMCUmD_eCHH5_aN6SdNYUsVX0v6NzvPzYKVnY7oK8SiSG3eArrvMBA2W5KxC538JxRmtMe75Ma0c_NYWt2-EUoP8oKHZnHE42PSX9hKJJPc0VQU3fT4HxENReQMSSoFGfh8RXMjwr50wriK1X9N9ZLaLPoISWBausiN8lBKSuX2220kO5y1VONEvOgSbkndJ3FV6vHNIF2E6Y9WbiBiuqp8hjvpKgIADfmIzHmZUQt2BxB6xeNxxwbXlB9M8yMAb6WIt0m&sai=AMfl-YTlI_kWj4rEY-PRfhAlCNln-T7vfbrJEk_ZtQX7w_iwsnxe9dpr2q5kK03uLn8wCzY8LfAbP1VEDlhy_1Sz-0l8LngaLZVAI2Za1unVGT5p17J3WKLCZmSPvWfmyg&sig=Cg0ArKJSzAkS8DwLPKWOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 63A4 75 KB
25 KB 279ms
278ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d943623651ea9c693c3169486cb14c958da7034abc4027e81efd1d4e1988c7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25726
x-xss-protection: 0
server: cafe
etag: 535 / 19551 / 31075929 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63A4 179 KB
57 KB 1008ms
248ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 2CDB 0
0 670ms
200ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mobcup.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 642286
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 7CE6 0
0 388ms
191ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Thu, 13 Jul 2023 14:12:15 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B58E 0
0 246ms
245ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLUgF2dO4Ha6EhNei1cZ49M9rit-_RqEozlpsgTXjasA5DuyVSkae2tYciN4honRjM6NkmMDEiO708sKF9B3tgSlkrtpDvRoUzTF0hfO4BVZsgZ_en_-0golXe9AwwsTZaBRpzT8mYzg7OmondkvOdtoPj8qyL-xpsPSLIADXHOSoeEKmMlOBHGdr9GttZmYSuJpBMSQmrOpoIEJjmzPqy92MCJBn-ea1j-7ap4XBrxUJbXpu8Tdd85dGKoanVcc5bK_GeUS8If-HFwSi2FEJNGoVL502yjITsjr4ZgpIUsEn0-2e3pupQaRjCg-EW6bDGsOQHW66dJ98P1aXu5eGCEogOQQ&sai=AMfl-YQZaRlfevLfMdloGAoWgsadbTdQUduLJAfcXmqrV6hekpandduYFS1yTvIgFB34r4p2XAZxivXwjoKteXWPghSHVNZ4FYLMnbcuygvDvx6OZw4NGVdHxLuB1mxaBQ&sig=Cg0ArKJSzAWZfzmJy4qyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B58E 75 KB
25 KB 338ms
337ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

4159211ce80de64a4c0c4c6ca7443fd41563b4ea2a344bf53f00b59c5229f40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25721
x-xss-protection: 0
server: cafe
etag: 0 / 19551 / m202307060101 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B58E 179 KB
56 KB 901ms
579ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 541C 0
0 276ms
276ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkYN7As7fh2UMlaIa_uDFCg51UnB2ik-1V8i_MORyzyVUKHA0rP94NnVjIL_oIn2IAUymhtd_WRi_2TpfcCuhl3wMo9A7L4bOBaDjty1vMcAobO2iWWM3bmLC8nzDokEJYGRI8w3lVn3ajwQpAQwaLlEI-6ofzDfYkVU4Ee5RuW_q-mwVa36k_WJ1XyV25U4PG0nfqsk5ty9Rdvv5TIgw0d59t61UuJuob9eNv_2YZ7t-7yRXFxN7-KiOPTpgJ6iFlbK75tg03r00z7LwtCTJy8SagIDj6AWmtT06hW33rlC9SMQY1sXDuHcW0HnxVO4p3Ds8xBS-E8icH_INayH4sZKA&sai=AMfl-YQRL9v15nJrUaI_2k-h0fKYnzx4tLyNEITTobld5iGXSc1tkRcQnZl_s5RBDnZ4dGUQcsjadjYmoQ5juRaCUK93f8_ZIZ29YKu0VaIHQd1wZbjowj0u1M9gAfYzlA&sig=Cg0ArKJSzA8zgUd48k8xEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 541C 75 KB
25 KB 288ms
288ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

31ea176e31866d78445b7bf064a9f9791e0ffde0441c1648ca7c38b2403b349c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25722
x-xss-protection: 0
server: cafe
etag: 44 / 19551 / m202307060101 / config-hash: 5399332811747128074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 541C 179 KB
56 KB 633ms
633ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:15 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ Frame 63A4 392 KB
125 KB 214ms
214ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 10:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12936
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127592
x-xss-protection: 0
server: cafe
etag: 1084883806831873288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 12 Jul 2024 10:36:39 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 63A4 1 KB
689 B 244ms
243ms XHR
application/json 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

2b638c5404341e6acfc88b941f89942fd556644aafd936975facdc1a6e46f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 505
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ Frame 541C 392 KB
125 KB 303ms
303ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 17:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76047
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127592
x-xss-protection: 0
server: cafe
etag: 1084883806831873288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Jul 2024 17:04:49 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 541C 1 KB
666 B 330ms
330ms XHR
application/json 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

2b638c5404341e6acfc88b941f89942fd556644aafd936975facdc1a6e46f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 505
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/ Frame B58E 392 KB
125 KB 440ms
440ms Script
text/javascript 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 17:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76047
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127592
x-xss-protection: 0
server: cafe
etag: 1084883806831873288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Jul 2024 17:04:49 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B58E 1 KB
666 B 376ms
375ms XHR
application/json 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

2b638c5404341e6acfc88b941f89942fd556644aafd936975facdc1a6e46f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 505
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
DATA 200
OK truncated
/ Frame 63A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a523d5f44c55901c785f762f4bd360142b1b2c425d6f9fbc1eb28a4c4ed50bce

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
319 B 1107ms
369ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mobcup.net
date: Thu, 13 Jul 2023 14:12:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
DATA 200
OK truncated
/ Frame B58E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4704d5f99de6b675ff605a9903cf9a92f9d7db8a8e367cf41b25060b24ea7e7b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63A4 0
0 247ms
247ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvskqwfSwVACMLNUltoDKy0sobkRLYRSiMT0b5dQuq6qjqHbiT1_MkhxyUASCPHxUssOTMd63skHLnZXhxzt-452Dl4QMwG6yam5usRn2GVss2uNV5pJrhtaDBFVZevIZONlRNnMCfKaffbn-x0HXTS_mzmlK3RzduMLTDWibcu6Kqx1aq_CMy6MZ7xGv8jxRopqy6ISoMyeQRM1VGjPP-t_vMvb1qNTcH-q0sRaGSvsmHPwKrCmCQ-N9XdOzNGyMKzkH-MyenGH2s2UacOima8HmG0f-CKMe1N3o8FyRkgJ2drIfPBLpMkv8FQW4oqIgni6OPqDhEFwcx4kQKTObcbRcSwmrg&sai=AMfl-YSlc6d4-4hK35x7fAqSLNmiIIF3NJv8lFjkU2HEV9lrVTj03SynVYizWxPErYzVbnKgYRXQdRcYumrnceeLHxLi5AdUtmL8w420WSpLu8LymtKjWYETZKR5XN9Ogg&sig=Cg0ArKJSzDK5-oGQd7L9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 63A4 107 B
165 B 245ms
244ms Script
application/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 63A4 56 KB
21 KB 767ms
767ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2136665627425403&correlator=2960543108159147&eid=31075929&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=22387492205%3A38047625%2Cmobcup.net.Banner0.1685595582&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C970x90&ifi=1&adks=3104198082&didk=1852909584&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&cdm=mobcup.net&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257536300&dlt=1689257534711&idt=1558&adxs=315&adys=1055&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=y0nffewrt9ds&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mobcup.net&loc=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&top=mobcup.net&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=251710271.1689257531&ga_sid=1689257536&ga_hid=1233017799&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

191c4e7522e32d6a179784a9d93e0ef691c9d8d926383e3e5b913eeffcc52a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21749
x-xss-protection: 0
google-lineitem-id: 6318952203
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138436066583
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 63A4 15 KB
12 KB 259ms
259ms XHR
application/json 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

35a41457155421bf26bcf716b0221c0d8487490e1a742c74d20d96c8ad339848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11741
x-xss-protection: 0

GET
H2 200 container.html
cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DEB 0
0 250ms
246ms Document
text/html 142.251.220.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:16 GMT
expires: Fri, 12 Jul 2024 14:12:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 541C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fc0e07f6f198d7a547f6a0ff3d19dbda0634a3465016596e85bea2ec29d075b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 541C 0
0 248ms
248ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu7fhJeLR13bB3W42DIGovUr1e00nk1l75AYf5Cza-y218In2w9e01Ju7lKq3IlKP4OGBSs7kjPRcCeZ-I4L4wpCmZLeIH-DikQob9aujOEnLHUvLXSgBobeoRE2nTRa8tVqn-tEbTh4VJctJKJEHldf_kJ2g_6bWvedH583BJe7EzIwXm7pWja2iptsQoFiO6wqVT44WIvZHNcNPM927WiN5yamW0JOkiAI-F-r82aUoW13i5nL5uF4u31LwPkEvqpHj7KP2rJ6ck19--9AXD_11bJhdcBJAd5Z2tuRfJQBhkh7iDbsrh_6eFONjlQ1u_QaZN85RHLud-_73VNuwovhwtOA&sai=AMfl-YQCq6uB8DyNWQNm9O4wkA0DFXkBPoRd0zmzRJQzBMMq0uFhVw7X7cPCxYVMbshTAkDbxN8fXMI1AYWq0rroinATASZ0pJ4pcmDSaBcK1DKLMgY-bRNilWILNN0E8Q&sig=Cg0ArKJSzOu_IVnc4K0MEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 541C 107 B
165 B 246ms
246ms Script
application/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 541C 56 KB
21 KB 773ms
773ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2046636510898067&correlator=2792056679366088&eid=31076048&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=22387492205%3A38047625%2Cmobcup.net.Banner0.1685595528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C970x90&ifi=1&adks=1373321909&didk=1852910406&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&cdm=mobcup.net&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257536426&dlt=1689257535594&idt=814&adxs=315&adys=48&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=u4j4o5cx505i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mobcup.net&loc=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&top=mobcup.net&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=251710271.1689257531&ga_sid=1689257536&ga_hid=739460186&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

ee6494d146c666aa964903071c786349027d4f1cf079712d98c77dfa74b04499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21748
x-xss-protection: 0
google-lineitem-id: 6318952203
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138436066583
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 541C 15 KB
12 KB 258ms
258ms XHR
application/json 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

7d4f5d35b278c44612c6886c5f3fbb83b8590ee476fe7be15cfdb9814e20fae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11758
x-xss-protection: 0

GET
H2 200 container.html
c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20F3 0
0 249ms
245ms Document
text/html 142.251.220.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:16 GMT
expires: Fri, 12 Jul 2024 14:12:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B58E 0
0 248ms
247ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh5o2p4RzgXWYz4m0-kK-n60pryeZLQMosM6fB_xaHr0l7FkRQGSOCUtGup0Xw_vUwLk6_F3Dido2a6WWs0Blecmnt-7r0U--dMr8PnQ118Q0UD5T9R5qMAHCd8S4DVql8Z_gU6E57s6HouxLxbSxfvbzjAExWtrkNO9ZyIU_LeLxCmChL6bUIBxtylgY1k7kcwTkAf-mRyWA_CwXXYVDvpTy1_h_yfUDAvyZnQN2rbk26UQBKZXFgaxxJPuDckU4Arkqz_E5ilr17fz3Qc_NT3w6VMoxiCjlNIARjOv_8aPQ2YzpUqjR1Z9W2ftGPJVAaxwfg_3Cm0JnGrsxEA0-961UuArfj&sai=AMfl-YQ5sFKyYUm6cL039SuW_GChPqtK4P2B4GbqjvRgZRRze4ovOSwhOoZkIvsVbtJ2637B2a076tiw9o80S4d4rzRx-hHaj6SgYg4jldlWt4CmQIOgLGbFG8J-Q2Acvg&sig=Cg0ArKJSzGDqB-Fa6ZQVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B58E 107 B
165 B 245ms
245ms Script
application/javascript 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobcup.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B58E 56 KB
21 KB 812ms
812ms XHR
text/plain 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=360470830719753&correlator=3124249847598924&eid=31075591&output=ldjh&gdfp_req=1&vrg=202307060101&ptt=17&impl=fif&iu_parts=22387492205%3A38047625%2Cmobcup.net.Banner0.1685595811&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x100%7C728x90%7C970x90%7C970x250&ifi=1&adks=3681659330&didk=1852840074&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D087b31da9815511a-229382c4aee7007b%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw&cdm=mobcup.net&gpic=UID%3D00000c208647aea8%3AT%3D1689257532%3ART%3D1689257532%3AS%3DALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A&abxe=1&dt=1689257536536&dlt=1689257535152&idt=1364&adxs=315&adys=297&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=rg54oca90d9a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mobcup.net&loc=https%3A%2F%2Fmobcup.net%2Fringtone%2Fthe-sims-1-burglar-udbtt868%2Fdownload%2Fmp3&top=mobcup.net&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=251710271.1689257531&ga_sid=1689257537&ga_hid=1377590580&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

ad0d9a416354341aaea818c12b4dbb5b4802f8434350ec0d36ec9ad6d93d40bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21761
x-xss-protection: 0
google-lineitem-id: 6318952203
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138436789717
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mobcup.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B58E 15 KB
12 KB 258ms
258ms XHR
application/json 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

23c0bb0f1130cfe595d86921d7ca6cad2024eb4e9efe372d415e04e227eb9a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11857
x-xss-protection: 0

GET
H2 200 container.html
d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BED3 0
0 250ms
246ms Document
text/html 142.251.220.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s02-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:16 GMT
expires: Fri, 12 Jul 2024 14:12:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 63A4 17 KB
6 KB 1397ms
637ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 541C 17 KB
6 KB 1287ms
648ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 261ms
260ms XHR
application/json 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

7efd11c695ba1e518ffa69abf22e61a898191095a22414d677dc7ba6fc4363cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11888
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B58E 17 KB
7 KB 1122ms
591ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 710D 0
0 253ms
253ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm42A9tE6-WvgkUSkizHFvCEadzkBf1UX5BpXfGL7Ga_ay3hXosF6WNhvZmDcGL4yZ1r_qzBHqduyxKFxknMrpuH13M5DB4VpPKXL5nXDpxeM7EdbOtfFeVgZxNVMUaRkKi4si0H9vu_twnClb1VfYZwsJEktUkZkrr5oVodNEvKHPycA9Kl3GdB6K2SmRBLBfn09ZdTc8C9Wk70yW1OsXMFw1dSXzABtiZuhrPu4WlG90o-_D5l-QM5BJEnujys696p2Ezutmgwf-IEKCnoL6JI98Bxx8ZGGOUXH7zi9AtguY9_0kY8zoLT50KI4aQG9CAgGexi6GAgYwQ7F1faNJwj0&sai=AMfl-YRX0hNsFBT9sn8M24MUu-dAkVGkgDkN1HukcjLo8pZ4TJafr4evqhv9vi_BA4WnYjaS65e2X0PEOAhraFowCMi9pBcEthn2G6XW1l7Qvj-2VXiOvXw-MuLJwjzMHQ&sig=Cg0ArKJSzPVG2_f0tx1bEAE&uach_m=[UACH]&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 710D 23 KB
9 KB 464ms
216ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:13:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 710D 3 KB
1 KB 490ms
243ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:04:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 710D 179 KB
56 KB 246ms
245ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 11959498430711484732
tpc.googlesyndication.com/simgad/ Frame 710D 26 KB
26 KB 729ms
483ms Image
image/jpeg 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11959498430711484732

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

afd2f115298e77a7513a8451571590c7d37b6ccbd82f0ed02f1668d5c459613c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:04:37 GMT
x-content-type-options: nosniff
age: 137260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26775
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 06:30:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 00:04:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 710D 0
0 290ms
289ms Image
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsNkFgxmu-J-TPp3iJ5iVyPdhZayGi1z-hUVLP0oL9M-lgnOQrfAdl1OZiPYAqdp0t0VzYnIIuKu2Proj_JtObnunIJQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js?cb=31075929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s03-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 710D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8172ef3a62eb0b15c9814ee2c1f73ac2f7c685c60494edd877b6e0ccff7718d4

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 663ms
663ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25F6 0
0 247ms
247ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUq7EK-DzjN6WhlGI7AZLmu7v9rogJi1mnoDcyDYPwRWQdke1zQp1M2Y3UzO4bGoKAB7hG-etMvI2pwM7Y8mA0YTT_6RNdSU35PpxAn37xQH-Yi2PT1MUHT9Df7SeM64dTOBTunC1fIqU7lq5Tc8l_J8ueT1DNUj-tAjJohue3FmZphaV9cTzdXlFpBietH0VHv50uHFo5AmEZw5UA1s7bAHTtXZ-7ei-nEjkb0-_CS3Bk7PQFBe3M7pAaMUlWWTitD_RhuZh0mEJ9RYQ7SO4vTgVD2TnU_dzC0HtW-2o4LEWaIuj2LVpZbQcmACQVKRnN_pJVp_Hestb1O97xKnKqG2U&sai=AMfl-YRCYPDrdE89SRcbLlSXoeAZxLWNeq_vHVOXGa1jM166NdgGIw6v6SMi38cO5bW7f5ufq1h1X6BI2kR0fMfPxPHIwxckIaW0yDgBagcPmKj_3sCYqoRIklSx4w55lA&sig=Cg0ArKJSzC_wO1vGBF64EAE&uach_m=[UACH]&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 11959498430711484732
tpc.googlesyndication.com/simgad/ Frame 25F6 26 KB
26 KB 371ms
244ms Image
image/jpeg 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11959498430711484732

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

afd2f115298e77a7513a8451571590c7d37b6ccbd82f0ed02f1668d5c459613c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 00:04:37 GMT
x-content-type-options: nosniff
age: 137260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26775
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 06:30:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 00:04:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 25F6 23 KB
9 KB 677ms
677ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:13:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 25F6 3 KB
1 KB 705ms
704ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:04:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25F6 179 KB
56 KB 287ms
286ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 25F6 0
0 439ms
439ms Image
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDN47KmzECIQgDeb0bKnlaI9Ek8e7cUJIZtX0DLTcxn3rbstjVDC6y9I6A_u5Ki1WBKGZZ7vAdjDU1J90ibkEbtPvRcg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s03-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 25F6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8e4069e72ebacab4944522f81b4a55a743d7d7c02898e648203614859faf0e5

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63A4 42 B
174 B 245ms
245ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyyoF3Tnu0s6wWYwsfRpkzcpHsQlFXay1T26nseqSklnMJIf9RsysCsQP5WR0O4MOSQaR9a9tI0cG3934rX9Kp0neVvBtw6xfyQTkGF71-d2DfEi2k&sig=Cg0ArKJSzEHLmybiHenwEAE&id=lidar2&mcvt=1000&p=1055,315,1145,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2830307924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257534711&rpt=1575&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8846 0
0 253ms
253ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP9Bs9V6WKJk3CXbdGLi-soWNEEFmoGyHvLv6lYnYIxFZ-20bUR2O3CoxAAiPVieaDacmlC5fob7bxjviLQ3g0tpE5z5m1PYqvUqPAO5YLPnI98hKtOauDyOi7b21Wgbcs-FjputIv7dT3FN73ywnmpdnfyjTU2zz7FHR0bBPmkJXa-TN2478DKAHwTAHr7D07XoAgKitQosafo1pP3yEnDTEZxnM5qFuSkM8XB89rKoEWcxUMTZbwbJr46VbKcv1zbJSMIiaMlCxsUfXzYGbQdG_-PczEboRQbC6MF6RIFCYam6J9sumrbwwPcXYiRYs6uAzcZ7LJ14NNmaxehxHIldM&sai=AMfl-YT-Wbo3sfudJRGWO90n3fk_gyJVbZ5xsxcVIp7VcRZG_q6QPeg8sOAoxK8zKMPKsBz-T_uXU0RW9kE9l4i-3g2UN4Dvn5qHy2fYHsXOKvjOymu59Y5aFnf9DvooMA&sig=Cg0ArKJSzNtut4u00SYcEAE&uach_m=[UACH]&adurl=

Requested by

Host: mobcup.net
URL: https://mobcup.net/ringtone/the-sims-1-burglar-udbtt868/download/mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 8846 23 KB
9 KB 691ms
690ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:13:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8846 3 KB
1 KB 717ms
717ms Script
text/javascript 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:04:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8846 179 KB
56 KB 277ms
276ms Script
text/javascript 142.251.220.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s01-in-f2.1e100.net

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 8617874797697563561
tpc.googlesyndication.com/simgad/ Frame 8846 59 KB
59 KB 721ms
721ms Image
image/jpeg 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8617874797697563561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

a79ac22cee3ac800f12f94a5d81d8e284d4a2fcd35b5d59f4f6f6fdc6b3bc3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:49:18 GMT
x-content-type-options: nosniff
age: 541379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60613
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 06:32:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 07:49:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8846 0
0 387ms
386ms Image
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtYKOWbNTvOQNv0iCfqmSoSYkPUoBFbfUcjAAdeq84e6e79FvPCxLaz1ITdEfOf7fbNp4kJOtHJvrZW_w6_MBUyuJZVg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s03-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8846 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb43671544d99effb11120dbb1b438fa6e9ef913174e6dc2bee54d5549a2d53

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 541C 42 B
108 B 244ms
244ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGsLk2ZSh8bbKl2Lht2VQ8ZgJzM3dLVbK9qXgZaXRhtYP184ZYq08HKZs3Swzkk-wanw6Rq_0U5CktgflolL3MaUTC5jcBga_Lsg-nAExWOxa2hQVn&sig=Cg0ArKJSzHPJCPe-9KvfEAE&id=lidar2&mcvt=1000&p=48,315,138,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4152034657&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257535594&rpt=823&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B58E 42 B
108 B 245ms
245ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBBnc-IRWjWxrbRA0E1pBglQK5Qj55dUF1am9PJ9LvtzhFwioBqOJKiN8RH5BPngrPMMtMcg_IjX87Ffe43zrlLno4m29rawUkvA7Vg8IXM7k9XFA3&sig=Cg0ArKJSzKnELmV6aPiKEAE&id=lidar2&mcvt=1000&p=297,315,547,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1709037306&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257535152&rpt=1375&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25F6 0
0 248ms
248ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1BkwJf2Q1kXF-ULQ4cATGThPbvp-X6jNOcmV3iyKd8ecyejWIShHWDUurE2Vw_i60hAJSm3Fh6JnNTuKe8kCU325Pz1X4xCoa_i4jCwA8YzsMPzDfAWHAcKwS7iVWYXgtolnvkEN0d8dk960PTOVtHcep7kxCf1UbPTy-8dBmPz26loK3u3KNqB2HfIm0db2PW6fmrKNhEusJc9sXOHAhHVlgL-kmFJxXkhqdO2xbk6NrlsY-OTLzBXyhvhf0FA3N4f9aYRYLrOMSDwPWG-WWuXyAB_sn4kWWbw4KG655ANusSzK9PssT1SDOzuVPXQ1-qg4OohKzOUtEbm66L8fzB68mLQ&sai=AMfl-YQt528O-IyAS31Cm0loasSjX4qulXBIZz5-ptigCq6n_kCrhLrhH3p1qwKVAd_lXnXua7zCmIWJW5JP2xUulGDImucZtXHg5YM_Ldu9NjYVIOZGbrpeP7imdBipOg&sig=Cg0ArKJSzMIhT60Le6ioEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 710D 0
0 248ms
248ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2iPv--H9aSHZu9ZY6Qj8QhL6Tc3GmZsKIhgkLGdjRiWAODgUgHgw5CeMSPRsCPwHR8eZVJAmBP5P9FmFHEUhq_345aHdzelHD2e0MoZNXz1X2XeaBlW1HKIDl1qtymFiIrR0xsLSUz-XWzwLtCI9SZ4nNM0izmmIhwMcjGGdAwMQaaV8AlIEWOOzN3ssAv2dYaQENGwdTQHyOLhXmKAfcfSJuEb1uz-CKascJxlfA5CnuszCgUQWNy63GjLUYMa6YT5TxOrcbSmIAuR5YzEY2xZ9GASvMw-UgWaky9rtHN5nYTVWFQgQ9vBoQw2ds-jP89G896k1mEzefjasxXaladUH35Q&sai=AMfl-YQ_uDxdZF5a10J0zPW5zc-PLeHLLG9ZSUMkDXfFOudyAQR8Wt11ecwTNeaDbOz8m9-rYSFDrKDtvhagil-RsyFvFmc5q82VWRvq38x-7nYAJU6DRZwoG-zCAvMBzQ&sig=Cg0ArKJSzBRFpEpj0_qREAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:18 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB95 0
0 235ms
233ms Document
text/html 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 295970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 03:59:28 GMT
expires: Tue, 09 Jul 2024 03:59:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 3124 0
0 246ms
244ms Document
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-huL1P_QyTvJHi6G_jUpfxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-huL1P_QyTvJHi6G_jUpfxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:18 GMT
expires: Thu, 13 Jul 2023 14:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 99D5 0
0 239ms
238ms Document
text/html 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 295970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 03:59:28 GMT
expires: Tue, 09 Jul 2024 03:59:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame DFD7 0
0 247ms
247ms Document
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-plTmWDgLPYHt9hro2lYZvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-plTmWDgLPYHt9hro2lYZvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:18 GMT
expires: Thu, 13 Jul 2023 14:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5446 0
0 223ms
221ms Document
text/html 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 295970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 03:59:28 GMT
expires: Tue, 09 Jul 2024 03:59:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 2140 0
0 246ms
245ms Document
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O5FDfE9W4pF1uhqECbNkJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-O5FDfE9W4pF1uhqECbNkJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:18 GMT
expires: Thu, 13 Jul 2023 14:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D9B0 0
0 217ms
215ms Document
text/html 142.251.221.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 295970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 03:59:28 GMT
expires: Tue, 09 Jul 2024 03:59:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 44A9 0
0 246ms
245ms Document
text/html 142.251.220.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s03-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Jl70Ko3zAiyQSe2jbVK2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8Jl70Ko3zAiyQSe2jbVK2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 14:12:18 GMT
expires: Thu, 13 Jul 2023 14:12:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8846 0
0 248ms
248ms Fetch
image/gif 142.251.221.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaLogFQqOzgzIe5YE48m_IwfeMvikxRabRTfYNjRS-mORfcyH_aKMNC3B4TQxKfRGlNskW5BrYqwrvAvfWCY99_e6BZrv9zcwRN8FmEGDwmaX7M-oPTnpJzHBGOffRbqqPkESjNFbqnSgx-UIFAkWt_frG8k1m9UyUxFr_k3s0bnbd4UxFZrcFtZo7TbJSkpdcmB3HCHq4sV8QIDZrruWiiFe0OK_hL2Uf23SSKOravF-GcMb67Lybzd6P_JFW5W9ZKulYF0GOocjgnSmXZtYm67Iv_uVHQJnuwc3vePg2EgZZq71jsUxYyUtHGTmodsSLGRZ9IOS8khcEKWY6Zv2qP0kv1Q&sai=AMfl-YTUxDOHsXvBWrnRiV2gxx0brOiSZ2ocppm4m3mWGjFmszUlNlROjE2bmEfgPISEN13EN9lEu-aLnXt3DWpiQOgXOG6Mc0L0oeFwxNNd-SasdYAPon74GrwN7d3SFw&sig=Cg0ArKJSzLEC4mAQlV0aEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl08s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Jul 2023 14:12:18 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25F6 42 B
108 B 246ms
246ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLvq13likYsCrZX4YEDVFmQMA32vulXTCJJEY_i9FNcj84_D14o_ctoblz7nLniqwGxGmHtNYJ-uHjF49opyB52dMx8eXa1WbDNiO6NWpYxTXW8B3q&sig=Cg0ArKJSzEn-ueLy4DIOEAE&id=lidar2&mcvt=1000&p=48,315,138,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1373321909&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257537216&rpt=624&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 710D 42 B
108 B 245ms
245ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgIzw2qyfTQl8Y8g7MHQ0cXAu_d5-Qc1dRR43-a8jy4tLfXrxg3FFw-2FAbFb6Uk8uN07dn-9XiFQ5t_bAKKMHQvridhQQ-LBlIGTNb0LzpVfGv9rE&sig=Cg0ArKJSzHgZeQnshHW0EAE&id=lidar2&mcvt=1000&p=1055,315,1145,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3104198082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257537098&rpt=850&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B58E 0
0 247ms
247ms Image
text/html 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307060101&jk=360470830719753&bg=!8POl86fNAAb90kgr3dI7ADkAdvg8Wl2a-mqUPb7HrBCtAtjrbiWnNgpVjtVDZhUh5vCvpIUpFffa37U12CMOJv0fvir81GIsudsCAAAAv1IAAAAEaAEHmQMEXlYkwvXYtAGm2h8qX_oWVK62gH8d8TGHSI3pXWhMFkariMKVeTelL07-Yna0ALnE56cL8zTetZRTdK3A1dRkCx-hnhJG0cIQQDCpHftnrei_Ud9dsCHk-UuLGr-n6cK_TWr7R9FTkrUdPUltvFX24lufCN76-VY2kvUoxHdnCnthPq1t5RQB_mxx0gr-NgfB3DpE8-EpdV4rYxON2oxSl0yuaKfD8iMJoQ552xwrfuWKUMNkEJ8Z8EDfyc1mwyb1bFADhTOobvWBFRKFpelOjoBdVq4X7fvo4ZFMyJm0ARgsnEo1gi9chuJUECaGNToFnhXPC4vw0Gfnuj2ROFf8rmHryNL7c2v9Ktu8IHdmCEON_1h7riaNsl-6thiifsfUterQYS-3Cx2vbd0cA6TnGhNqNOwdUOGtydSYgcZwKegwl6uPBiXd7ealgYeLgd2BbIaF0lMcJz49yGv4BqbYLyT_jlvIfuusZxLyXzHzhWHP34BH9ujwJPcEi5lhKoLd8inPchgdHcgU2CFYJZoyRpU6Xo1uh2s5oamIWDM2woHT-GW51Xhy2K8r6rSiszyMta53GBPDrf_AaCuRsqkx7-LhHa9SlyhF-h0sHuyEw7nWNcpqYKmYCQkylc74C-zvRiGuIVdAgADSf0ebxzYa1X36ts511btp0Ng7zV12X0e3iEpI8uPttdNXxqIUdZHQ7I7Px-ve1bMgcjODyvjzHhF6ulsAlfdcmu3pBboPpxK3OvLlDWN-_46WsG9rpKOfSEzqjXpgoR6oaOmBzRJwDsY4PZqXOOmlnFri_JL3y95nGKNqEcRaCYTvAQz59Lh5yAecc9TTcg-veRkWp3oCE4Vc001SLj9qcMnp-9kH5iyzya5YCfN8IqlRZ54tGtGt3SaYP9oYbI_vzMIauCQzYvXMvz7lBUJikfYzbMS8Pv9yLYTZJGusJiFvFeLOLBG4E9cIzA7jYOs04WME_TuZJFlhChn2DOhvlj57bHUq-dnM4tlIljcj5z6cAGwB1OEUY9uYoQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63A4 0
0 247ms
247ms Image
text/html 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307060101&jk=2136665627425403&bg=!cXKlcibNAAb90kgr3dI7ADkAdvg8WiTsgb0aP3bI4zlXraH4Da0nED8OU9Dp6AQD-2wPf2YXuRdITXkGiJ8b-v43OJnkAlI3tDQCAAAAtlIAAAAFaAEHmQL9XFnW04iowgp97JrnZO2tWzDPxLsDxFflKkgPNsIEbue5kzR7KF4MUJHN1ndQtNAkCV7qSSGxgLWFI0Msgd5w2279egoMZ-8SdUi8lGad-OritdYmyFL5Kp_vYKOeUELYb-RVYeAcpzal-QSg_acjfAuy3PHpzKvAP8_nSD2QkmLzrYS_S9sE0Hs4M_V2xemKmBfepx2VKWjXnOTszNfjoq87Z-svY_ZQrXrDIHrVRuKq692yGBwpE04rmjuyckYJmPM2bjbq07SFwsQmixv1pOSDJjxbCsUbVBxG9cue2-aAsVH8VjczYPp1bYHpRuwotDGGtWsHD3bHAJxw8dZYmJ1tEpLP5_PLub63xbX8KgVHEhJA3kdeqat252mNdM1XWeKzqJHhC4bgttww7ALyx3Xb8tWKryRq1nr70J3AVpXK8LoiwMFaCM-ylOY2rCDYRM8WPqYrsbBGXIAtapE5HXeKC2UtUIAvxvoV7f_82RYgXOfYTl-0ZxuzgpYzLB1obN1s9wGaDFBw9oGX_iSp2qiAmTpmTwz7PwpbiypuKVYoduLsg8sNfvNIBJsSt3-_HYmaoxEeVQmpgmyD8cjnzI11rNhn5wvIKJQ-4PiJSWMS1ISsCv4JO8qV2t3bIk_Pat0RFfmBD6v7HqwWaC6i81mIzxvZd0qSScSf0tjmydWoKoMss_qtxSb5gsZUb51fgtq29XnmRS0_KalaCMzwrhVDPp7ONIwXMTXAceX_T0KQojI3ZhwKpWP0Ydh9F2mFRAtN-8w7XbadZdhwR62DwjSxuq6ol6qh_1qZHYGH9OAVApASxFOdhEOvqcOYDKnW0jph-xCiJhlG4PuIdPo7HdpscIBvTNoyAShD-_wZ16mMdxwQqFNDE5hZf56NjNkbk1qw6i23_Q3cOdZCAUD6hOJe9UYxX4qzoK1JsTcapCubwOHdtBH-UaHMreP0jnis9puesW-SfVrAXS4Xi6Ccmnncif50MRmTa5Y9mcXyjyoLehi6I6xaHZ2UjPpw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 248ms
247ms Image
text/html 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2744822836116702&bg=!WFulWw_NAAb90kgr3dI7ADkAdvg8WjTx7RVqKoi8MpUlEh76m3Ly5-q3q3oQ0ZHAc3pUAwEKBjUCvr8WIBWbDZMz7DsZfSpEvugCAAAAqFIAAAAGaAEHmQLzTm1pePk9nnEeIuiWXbf5ooZ0WHNAylb828MbTk3hZnjEZ31W-dlBc_dDK0QK3OJzrJ1npVhWt1oYNY4tJ1W7SmLNWkouUfnyeJPUzKoCSO6WeSjjFQstMe64igjYKimzTiqNCNhxEXi5w1eKCDDM7xh6szJLIbHYQtLF8r8at2AA5b0b3JXQf8GGIcz5AbiH-P0SztCr0NG9i9eTq2CyuFP6xsENfYxlvGdhhwlXq_J-XBo6-6S-ayCCyEt_NLLDDA1uONDPkKLuRjNWgFh30trsZIENwRrIfOQSVzNWnb9pvcpIhvYLMQ9XokcISPdwv79nUnQL4iNc7WQGevPkh7_po-EzlY-2h0cN_NRdRHMKDTGa0_hojj2rvxTYj7rv_rs2oayp5En-zKxJMyyGYrH8hXL1kWy6JqrPlzX-MCRvJ4B0JQMRSlPsI03WmipTq4mzJFkLTnmUZCk_HFso10ImRkerUgElgl30HMnoFJYcJ49iMyf3JdLLyzZ5AvjR9pOCSEG7hp-pE-Czt20JmZmO1saixT1jB2kWTWIHYCrtWl1IqkU8KFT0zIoXlpE8EhugTA4IcEcL4hgdE1rvot6ozVyDUYZUyF2BmFgsFXKVfV-_v4wCKwPk92IowXvPC5GvXOeySHN65ODE-8StVRpRUIghk2oR5y2ss1Z2ANYWKrSuN2NtMZ0lAOPH_xUoBopgHGz8BnuizvNPP23U_S37jJKg1LNi9EHGAhQEoVcZGb48UnTMQyu17zoTdpAXetwrEg82aRW7FTt5i0CPUCPDfaK9rExz9vUt1aqUfd_jvcvzZclu9MXOBdz9sY2OdkkAwIkMXzmyP3dRyNTo1y9ujdFno7vWNWujlNFMh5NWrTKS1oMNqsBAKPY7lFp-Sr5PFvHSbBvvC1fpMhne1AI5H7uCa7XXuHGUepNnQx0ctfkrsGdz_C1sx5w1E5Kvg5HHFBV4rerWblZre0oM9fVXnS8bDpcq086lkEKFazU5kL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8846 42 B
108 B 244ms
243ms Fetch
image/gif 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRr5gJnYomnI7FRUR65xg55nFJ2WEprBBYHJTa-dXgLSUZS5KQm5PNcu87RYoUX_WpB3a7AhWB7D0PC2aMdxwKWB0DEq9hux-uQmG4k-GfT-iCc3KX&sig=Cg0ArKJSzIM4Vxwati5tEAE&id=lidar2&mcvt=1000&p=297,315,547,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3681659330&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689257537366&rpt=871&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mnl07s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jul 2023 14:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 541C 0
0 246ms
246ms Image
text/html 142.251.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307060101&jk=2046636510898067&bg=!IiGlIXXNAAb90kgr3dI7ADkAdvg8WrDh5AZyh4eKvBmtFS2gllRFL7rSiHqdRQsTf8xVUiG66J-MEmnarFjK0zH8Zfe2tIGq-YoCAAAAp1IAAAAFaAEHmQL03_cZ5Sfw-Y_gWbxdzsVKVnNRQeIbgvRIpJWLXVesUf_SmzVDOEkhR1Yp-yIPo-bOzaUda0PbExIH8b83pDaxha9ru4yIoKmnL2y3EuQdlB6NMvE-dW6TYJHmToG3xCzHhnpZmUWGqp8oYfMGWaQ2eUXtduU4hgLwHQ6I9Lj9Egs_Skcavml2bSkJ6dYmmIsvEmUYYN2pxXq7_kofSrpPZV5deaMh7MkgU4wm0PeoODAhkpcklA0J4tUk0xq3AGsqGpv8pHbuo6NpiUkWQ_jEBHUtRaNWMh6k9z3ggCc3RXNf6h0Eu4ZZZfpSAXZUhDeH47lTD_OkLFbscutllx-cHEh0al5NCTPUkmdLOUbRmW329ALRfHPF-pw_9PhNjCz-3T3MUTufHsKuh2XA-TBFtAyevBwKWqOQsEuTCZ-Ucd2F1NR_jJQONTv4hevXJDX7ZH-ZOdV820DBK5mwpeeZo1LWTvylbof4lfY02cImwS7Qeb6PnQnqD3V0JXmrWrcVwoMtBNiA8w8IUo5zhF2VAYlNyuk3Cc5gFHI_fB-evCGr9QJ7rrBQP33JIMORkrQdKx5z_RoTWhNjYVu6hhUigu4ATqzCULzIzDZkkT_1ziQLvh0NpGHgvcOAIjGme6QK3t4E87kZITSdwedLauQpmEXVEphief9tS0ufuLwh-XCcJCLvuU1uHfIxS00JgmnjLh7miyB7u8TFy2aBCRscj3rC8PcfXZRa4vy6NXz_BDx_d75oDy0BD-gW8_P_wIuIN06F57IKuhnOQMTLOSxrfwUVYP2S7J5Pp8AqxWJBxL9xNAW3ROkMLN_n4WE3GtX7Ra5nBUB6KMWbwLUsb-XBMEsFJlK69DKRgnWK0CgRQFKGt_hXphmIKkgKz1ilJVR31eNp4AJr5EMQcVLZDJrFSZSWlt7jigcIDYieg2R_8hwZhmaOmx-_vU_VSr5j9xyspF4LAtSRDiAgJTlZ7jdZl3NqvYCvn1YwyKFVaGLkChrsEnV9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mnl07s01-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mobcup.net/	1970-01-20 22:50:17	Name: _ga Value: GA1.2.251710271.1689257531
.mobcup.net/	1970-01-20 13:15:43	Name: _gid Value: GA1.2.167404280.1689257531
.mobcup.net/	1970-01-20 15:18:43	Name: _gaexp Value: GAX1.2.bgir99PnT9quZgLgEWuyfQ.19638.x195
.mobcup.net/	1970-01-20 13:14:17	Name: _gat Value: 1
.mobcup.net/	1970-01-20 22:35:53	Name: __gads Value: ID=087b31da9815511a-229382c4aee7007b:T=1689257532:RT=1689257532:S=ALNI_MaFws3nLBvTseTjfDvhdQ1156cSIw
.mobcup.net/	1970-01-20 22:35:53	Name: __gpi Value: UID=00000c208647aea8:T=1689257532:RT=1689257532:S=ALNI_MbkXQXkk8uSz9nhQQQ2HcVgeEVs_A
.openx.net/	1970-01-20 21:59:53	Name: i Value: 9bb3185a-4cd9-44ff-972a-2bcff71394e4\|1689257534
.crwdcntrl.net/	1970-01-20 19:43:05	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:43:05	Name: _cc_id Value: b9f1ca70eab885f9f85649cb285fe52a
.mobcup.net/	1970-01-20 19:43:05	Name: _cc_id Value: b9f1ca70eab885f9f85649cb285fe52a
.mobcup.net/	1970-01-20 13:24:22	Name: panoramaId_expiry Value: 1689862335149
.mobcup.net/	1970-01-20 13:24:22	Name: panoramaId Value: 9ce10b75c30dfb14db051c40d8a416d53938b68e6b409a0d4bd981b9ba5aaf81
.mobcup.net/	1970-01-20 13:24:22	Name: panoramaIdType Value: panoIndiv
.openx.net/	1970-01-20 13:35:53	Name: pd Value: v2\|1689257535\|jElYiuvOhI
.criteo.com/	1970-01-20 22:35:53	Name: uid Value: 7ebbce51-6b9d-4f93-ae60-a9c6e4eefadc
.doubleclick.net/	1970-01-20 22:50:17	Name: IDE Value: AHWqTUkofxJWwj1HlTnCmchCOG3s5NEEb3VVrLRrCyh18psIxM12hXUHhxTGqP92oxA
.adsrvr.org/	1970-01-20 22:01:19	Name: TDID Value: 6a525efc-dbda-4145-8699-0c880748b027
.mobcup.net/	1970-01-20 22:35:53	Name: cto_bundle Value: cljEJl9Ua3Rjbjh3d09Oc2Y5OENQdGg2MzhFJTJGdDJCeTJ2YWl3MXhuWWxoNmw3bWNmMVAlMkJHRmhPN3kyREslMkYwOGlUSW5vYmNOUGZLT2dvdFdaSHJLTHZHSDlKSjhVbWo4eVJaMzhKWTNrNzlqQWx1Q1NKdnV4cmI3MmY3SkVsRXYxVFprYUZNQUZlajl6Vmx4aHlsSEFoaTNZOVElM0QlM0Q
.adsrvr.org/	1970-01-20 22:01:19	Name: TDCPM Value: CAEYBSABKAIyCwiCgcbEvO2BPBAFOAE.
.socdm.com/	1970-01-20 22:50:17	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg5MjU3NTM2fQ
.ladsp.com/	1970-01-20 13:14:21	Name: cr Value: 1
.ladsp.com/	1970-01-20 22:50:17	Name: smn_uid Value: 8E0xcIQVW0xOzh_00iDyig-zDroNs3s
.ladsp.com/	1970-01-20 22:50:17	Name: lum Value: CNDW4fyUMRIFCAMQ0AU

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'run-ad-auction'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26f8b940976ce447c2917ada9de095e8.safeframe.googlesyndication.com
adservice.google.com
bcp.crwdcntrl.net
c84a4d4164211b375fae02ddc9fc23bf.safeframe.googlesyndication.com
cc546bd95d2fbaece52ec3e38f88f6d8.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn4-hbs.affinitymatrix.com
d7f63f70bd26dd8d2b0d55b2dcfebf05.safeframe.googlesyndication.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
mobcup.net
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
104.18.35.34
104.26.1.174
108.158.213.7
141.95.98.65
142.251.220.130
142.251.220.161
142.251.220.170
142.251.220.174
142.251.220.195
142.251.220.196
142.251.220.200
142.251.220.226
142.251.221.14
142.251.221.2
142.251.221.33
142.251.221.34
151.101.193.229
172.67.38.106
18.172.16.183
182.161.73.129
182.161.73.136
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.190.39.111
54.179.25.195
64.185.181.238
74.125.24.157
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
191c4e7522e32d6a179784a9d93e0ef691c9d8d926383e3e5b913eeffcc52a81
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
23c0bb0f1130cfe595d86921d7ca6cad2024eb4e9efe372d415e04e227eb9a05
2b638c5404341e6acfc88b941f89942fd556644aafd936975facdc1a6e46f562
2ede4e9c72ee12c846507030c4f5e63d0ed738d38709e164451bd1b2b42819b7
301793769e8f62e736557a1761d62a481ebc0e7b63b399588b8a31e69a7a8a7d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ea176e31866d78445b7bf064a9f9791e0ffde0441c1648ca7c38b2403b349c
35a41457155421bf26bcf716b0221c0d8487490e1a742c74d20d96c8ad339848
3fc0e07f6f198d7a547f6a0ff3d19dbda0634a3465016596e85bea2ec29d075b
4159211ce80de64a4c0c4c6ca7443fd41563b4ea2a344bf53f00b59c5229f40a
4704d5f99de6b675ff605a9903cf9a92f9d7db8a8e367cf41b25060b24ea7e7b
47cb9d4c76a7cd55cbe4d252cdede00fa93a14b6c2398cd728255a35f62876e7
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54dab4363894dd28d6191b95dcb110da747afc4c70050b11c061ce1409f9a815
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b0be94df05908708f85c23a7e96be6c816668799e62fc44011fd4e3e6be9527
6b561a925e30fdbb03634056a4dd62713cae6e3bdbe711feb2e1ee2370a92259
6cf0ad72503f6049383fed9f5001dcf19ad21296278fe92f50cbb2f7f0073951
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
74de6d8c7ed46e0d52dba31616016ed78164797f392ad24dd5e0de46b450280f
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
786f35873226d54693fcf4e338b1f6b16643ffd83e9e2c8f98fdbd890585b3fb
7c7f8c941c072a5d5ad1bcbbf147dfabc082bb995e3f495b8e5b30306bb50104
7d4f5d35b278c44612c6886c5f3fbb83b8590ee476fe7be15cfdb9814e20fae7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7efd11c695ba1e518ffa69abf22e61a898191095a22414d677dc7ba6fc4363cd
8172ef3a62eb0b15c9814ee2c1f73ac2f7c685c60494edd877b6e0ccff7718d4
842fd4eb0b4f4d064ef1228a5807bf4dfb0020e76ef90eaa3d0b201f3cdbc6f0
8b45d71f4ee120b4d07f0f5b5763eb4e6763700bcb738aa292ce2c19d7609f7f
8ead67d138a41e6cf31c713f8fa7ef1439acc29f95426e0d19acbff037fa9a7c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
9cfdc8d26510003ab8b5ad5616596a100cd603bb30aa4260ed8ba456b1e5fbe2
a1b9c0e9829dc5c68c654a699b1bfdf434fe9ba732d7251dd1105b2ea8a79755
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a523d5f44c55901c785f762f4bd360142b1b2c425d6f9fbc1eb28a4c4ed50bce
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a79ac22cee3ac800f12f94a5d81d8e284d4a2fcd35b5d59f4f6f6fdc6b3bc3bf
ad0d9a416354341aaea818c12b4dbb5b4802f8434350ec0d36ec9ad6d93d40bb
adb43671544d99effb11120dbb1b438fa6e9ef913174e6dc2bee54d5549a2d53
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2f115298e77a7513a8451571590c7d37b6ccbd82f0ed02f1668d5c459613c
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c3adc75ed9524a350b873a3a5d67c8de3423aa8d00cc51d94bcd7fc9beb0e85c
c7703fc51aff7f6d0697d642e5af3ee9009da1de0638232950b75ff712ad18bc
cc88bbe4cf3dda43923d30b252a693e8b0321682d807d435e270ea63dd2c09e3
d076633408bf78e086b9125a46176d2fdeaf3a5d5b52bb9b3a9d562cea646006
d8e4069e72ebacab4944522f81b4a55a743d7d7c02898e648203614859faf0e5
d943623651ea9c693c3169486cb14c958da7034abc4027e81efd1d4e1988c7aa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6494d146c666aa964903071c786349027d4f1cf079712d98c77dfa74b04499
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6a3bb3c14ca36273364359c0b26003293c3b1ef5770f89388bb103e394f8162
f874fb54f269b5c7cf1c28818e906d9fc5a4f5a4464f3d1ab53b65795e92d2bf
fb47d6c84a66a543238d93bcc24402f1fba33ee34ed2481356d767f2fa3a535b

mobcup.net Open in urlscan Pro 104.26.1.174 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

99 %HTTPS

0 %IPv6

23 Domains

35 Subdomains

30 IPs

4 Countries

1751 kBTransfer

4939 kBSize

23 Cookies

8 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mobcup.net Open in urlscan Pro
104.26.1.174 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

99 %
HTTPS

0 %
IPv6

23
Domains

35
Subdomains

30
IPs

4
Countries

1751 kB
Transfer

4939 kB
Size

23
Cookies

124 HTTP transactions
8 data transactions