www.shopsafe.biz Open in urlscan Pro
2606:4700:3037::ac43:c81b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.shopsafe.biz/
Submission: On April 27 via automatic, source certstream-suspicious (April 27th 2021, 12:42:12 am UTC)

Summary HTTP 101 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 101 HTTP transactions. The main IP is 2606:4700:3037::ac43:c81b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shopsafe.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2021. Valid for: a year.

This is the only time www.shopsafe.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3037::ac43:c81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:cd1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	128.30.52.100 128.30.52.100	3 (MIT-GATEWAYS) (MIT-GATEWAYS)
1	2603:400a:fff... 2603:400a:ffff:804:801e:34:0:15	3 (MIT-GATEWAYS) (MIT-GATEWAYS)
3	2606:4700:303... 2606:4700:3037::6815:2b5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	172.217.168.67 172.217.168.67	15169 (GOOGLE) (GOOGLE)
101	19

30 2606:4700:3037::ac43:c81b (United States)

ASN13335 (CLOUDFLARENET, US)

www.shopsafe.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.shopsafe.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cd1e (United States)

ASN13335 (CLOUDFLARENET, US)

www.paessler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.30.52.100 (United States)

ASN3 (MIT-GATEWAYS, US)
PTR: hans-moleman.w3.org

www.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:400a:ffff:804:801e:34:0:15 (United States)

ASN3 (MIT-GATEWAYS, US)

jigsaw.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:2b5b (United States)

ASN13335 (CLOUDFLARENET, US)

img.shopsafe.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.168.67 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s15-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	481 KB
30	shopsafe.biz www.shopsafe.biz img.shopsafe.biz banners.shopsafe.biz Failed adlink.shopsafe.biz Failed	82 KB
13	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	91 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	75 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	googletagservices.com www.googletagservices.com	134 KB
3	shopsafe.com.au img.shopsafe.com.au	30 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.de adservice.google.de	921 B
2	w3.org www.w3.org jigsaw.w3.org	4 KB
1	googleadservices.com partner.googleadservices.com	642 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	paessler.com www.paessler.com
101	13

	Domain	Requested by
28	img.shopsafe.biz	www.shopsafe.biz img.shopsafe.biz
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.shopsafe.biz pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	img.shopsafe.com.au	img.shopsafe.biz
2	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.shopsafe.biz	www.shopsafe.biz
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ssl.google-analytics.com	www.shopsafe.biz
1	jigsaw.w3.org	www.shopsafe.biz
1	www.w3.org	www.shopsafe.biz
1	www.paessler.com	www.shopsafe.biz
0	adlink.shopsafe.biz Failed	www.shopsafe.biz
0	banners.shopsafe.biz Failed	www.shopsafe.biz
101	22

This site contains links to these domains. Also see Links.

Domain
www.shopsafe.com
www.shopsafe.com.au
www.shopsafe.co.nz
www.shopsafe.cc
www.alexa.com
www.paessler.com
del.icio.us
digg.com
reddit.com
www.facebook.com
www.stumbleupon.com
www.google.com
adlink.shopsafe.biz
validator.w3.org
jigsaw.w3.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-26` - `2022-04-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
paessler.com Cloudflare Inc ECC CA-3	`2020-07-26` - `2021-07-26`	a year	crt.sh
*.w3.org Gandi Standard SSL CA 2	`2019-05-23` - `2021-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.shopsafe.biz/
Frame ID: D35D1442E5E9B436B5B4D88ED3C48A94
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: F9F8F3D1B0C3305A3DF7E94CDCC2ADCA
Requests: 1 HTTP requests in this frame

Frame: https://banners.shopsafe.biz/banners/banners.php?type=125
Frame ID: EFCA08A57C86C5A20E97B67B05EF5B3B
Requests: 1 HTTP requests in this frame

Frame: https://adlink.shopsafe.biz/dev/banners.php?type=160A
Frame ID: FFBDC763733E9F9B4ED027CECC624B74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=1845587747&adf=115714602&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114623&bpp=15&bdt=1498&idt=70&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8182268420951&frm=20&pv=2&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=701&ady=2023&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=czFptiR0QX&p=https%3A//www.shopsafe.biz&dtd=83
Frame ID: 5EA578DD77D28AAAF16E3D63CBE44B3C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75
Frame ID: BCD667C2192C8F584676B485E05E680C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72
Frame ID: DE9DDA900D7BC52F999EFE8B99B5A01B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 82E0157F68D12998E127253EAF5C9DC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html
Frame ID: 7EF6552A0880C2498B2E317282A8D3EA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7E5617F18B81F41FFDDC0236E176133D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3E0FA443BBEE4B817AACE4FFBCEAC46E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 7422AEAD57EAEAE3B7D991ACC2EC5BDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&adk=1812271804&adf=3025194257&lmt=1396844198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=8300711630%2B7899205297&format=0x0&url=https%3A%2F%2Fwww.shopsafe.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484115413&bpp=4&bdt=2288&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D951094397948be8a-22b6841df1c70068%3AT%3D1619484114%3ART%3D1619484114%3AS%3DALNI_MYJY2iEZG_ascYzkBzA1maZkrXceQ&prev_fmts=336x280_as%2C336x280_as%2C160x600_as&nras=1&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_LIY2i6rw1QIOtoOJAvK7Px6wpaE0mJsh_iZzuwpWPynPSRrevYcb7ptCvujtHaVFYFB6VLHXy1t0%2CAGkb-H8P829KGXHmWhuMYXRP8gPTNzVvvhv7tF6_M0-oWIbZd51_PTsBEZGhsmvlPhItHopn3-n0nu2jn_U%2CAGkb-H-eRPZ0gIHsY0LtFIuxf2CqUwDEJSOwrkT11NP1Z_xx_pbambSiK2JmXhLFvoLkqs4OyJ6peDD1W1s&pvsid=3103548062802381&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9
Frame ID: AB046F9EAFDD6694846F4FDFB9DB59BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F65B4FCFBDF1E270D32C2A0C10E0C400
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC86D9E1D0A12299625A9F0B4955E520
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

101
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

22
Subdomains

19
IPs

2
Countries

918 kB
Transfer

2214 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.shopsafe.com/
Title: You are at Shopsafe Americawww.shopsafe.com

Search URL Search Domain Scan URL

URL: http://www.shopsafe.com.au/
Title: Shopsafe Australiawww.shopsafe.com.au

Search URL Search Domain Scan URL

URL: http://www.shopsafe.co.nz/
Title: Shopsafe New Zealandwww.shopsafe.co.nz

Search URL Search Domain Scan URL

URL: http://www.shopsafe.cc/
Title: Shopsafe UKwww.shopsafe.cc

Search URL Search Domain Scan URL

URL: https://www.alexa.com/data/details/traffic_details/shopsafe.com.au
Title: today's Alexa worldwide traffic rankings for ShopSafe

Search URL Search Domain Scan URL

URL: http://www.paessler.com/

Search URL Search Domain Scan URL

URL: http://del.icio.us/post?url=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: http://digg.com/submit?url=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: https://www.google.com/bookmarks/mark?op=edit&output=popup&bkmk=http%3A%2F%2Fwww%2Eshopsafe%2Ebiz%2F

Search URL Search Domain Scan URL

URL: http://adlink.shopsafe.biz/dev/newbanners.php?type=160A
Title: .

Search URL Search Domain Scan URL

URL: https://validator.w3.org/check?uri=referer

Search URL Search Domain Scan URL

URL: https://jigsaw.w3.org/css-validator/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

101 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.shopsafe.biz/ 26 KB
8 KB 547ms
528ms Document
text/html 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 41006684aada371ac3c82a399f2c805e99d51084e1a61453ada651b3483021b1

Request headers

:method: GET
:authority: www.shopsafe.biz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-type: text/html
set-cookie: __cfduid=d5383419d91658375cab9e20670c0c3cb1619484112; expires=Thu, 27-May-21 00:41:52 GMT; path=/; domain=.shopsafe.biz; HttpOnly; SameSite=Lax; Secure
last-modified: Mon, 07 Apr 2014 04:16:38 GMT
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 09b25f8ed60000dfff5ca19000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L9jd7f0FhBzZfDsuEc8GkNDN07U7GFOX%2BfW5KAWkLnTt3odf1LqpdhWjBQmSQpu9yna7UvMJzEeG1bmWKk1UYvKM7AroqtmO6hEd5HCCGAR3wp%2Bq%2Bxp5RcAFR3fs"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 646401f7b8dadfff-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 shopsafev11_0.css
img.shopsafe.biz/scripts/ 11 KB
3 KB 594ms
583ms Stylesheet
text/css 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shopsafe.biz/scripts/shopsafev11_0.css
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 35f40ee1b1beb6053a760d151f704bfe7824326356de72cffa4b505a0a4a704c

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b25f90fb0000dfff3fa35000000001
last-modified: Wed, 02 Feb 2011 03:10:38 GMT
server: cloudflare
etag: W/"9f5310c486c2cb1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sxW19lcfvH8bcP1dmGj%2BEiXfmkk0x%2F459Hlq3EANO0sW9WQLxE4I1yBE%2Fvdk3kS2dj%2BYRSj%2BNZ4A3owq%2FXEHlbVOFxOAIVK9GZoymyq8yR4M32Lfq0SZI9uoy2Bp"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 646401fb2b7cdfff-FRA

GET
H2 200 shopsafe_frontpage.css
img.shopsafe.biz/scripts/ 824 B
486 B 587ms
576ms Stylesheet
text/css 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb1da0aa644f3aa14e29e3c55525bdb61193d90b1a1ef36505bf8086e7da09e1

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b25f90fb0000dfff85aad000000001
last-modified: Wed, 24 Sep 2008 04:24:18 GMT
server: cloudflare
etag: W/"0c5dc68fd1dc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AsZYc5UTRjM13%2FiXEhUVE2us%2FUKZEu60kb%2B%2FbllDqK695DYnufXhZE%2FTClL4nDfUBK5d9Ou4Rnxcz4q%2BLFY69FES2mvjQAu%2F2pdm2JI7SnxVc0ujhd85Q%2B1yhaSf"}],"max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 646401fb2b7ddfff-FRA

GET
H2 200 loadimgs.js Show response
img.shopsafe.biz/scripts/ 3 KB
1 KB 594ms
583ms Script
application/javascript 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shopsafe.biz/scripts/loadimgs.js
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 119b599cc28d39fe7d16f2743f4498c83a63b3d5f17ca5763b182bd2f2d1c933

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b25f90fc0000dfff7487b000000001
last-modified: Wed, 25 Apr 2007 06:58:40 GMT
server: cloudflare
etag: W/"0507727787c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u7kBOnhrj2ojTN6AFWUopLEhEA9R3%2FkFBZt7H%2FqnQH7GyqEKNjFNKtm1XIze6mmvnDIvX2oHkZBHYoeGoSGwovMgbNUnsit3wIQZlGkM88n1OYCBSGvitkGFC39M"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 646401fb2b7fdfff-FRA

GET
H2 200 paging.js Show response
img.shopsafe.biz/scripts/ 2 KB
882 B 573ms
562ms Script
application/javascript 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shopsafe.biz/scripts/paging.js
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2e67d475784a7670417e4048b97d660b284b7c16e2378905d65a1ffbd5df5096

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b25f90fc0000dfff42250000000001
last-modified: Fri, 03 Oct 2008 19:15:28 GMT
server: cloudflare
etag: W/"082f658c25c91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Be8rOO51mk5OAlv0jtnTpptXC%2FCAM%2F6ibOImDl56R%2FKSDtDHU0n8lliL%2FGEJWiyCp5QACQe5xS0zBSKe38X2zaj7RMncbo5lVE7q%2FmDw6anEJvVI%2BtyFP2aLSnN8"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 646401fb2b7edfff-FRA

GET
H3-29 200 ss_logo_biz.gif
img.shopsafe.biz/images/ 4 KB
5 KB 572ms
563ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_logo_biz.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d19f9fecb7afdf0fcc8c1f4a8d4c1b46f9108cc294c581a64794647b37717672

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4214
cf-request-id: 09b25f934c000064bb7b3d6000000001
last-modified: Wed, 08 Sep 2010 03:16:42 GMT
server: cloudflare
etag: "0c93d4244fcb1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fWhmRNpDlm1PpusV3KXxuZQQS4H9Y3U502lUzmDR0epyqxVgTDjq6YNTB%2BHvQNgBvQrZW0x39VOo%2FqB6bUdJw79yEjBZZgAGvGeyIeoYJDlV8FBSG68RxAqfzOdh"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddea64bb-FRA

GET
H3-29 200 au_openfav.gif
img.shopsafe.biz/images/ 381 B
963 B 615ms
606ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/au_openfav.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3a0c1110f474cd87467ee5b4a04e84e301f7fcaaff4c9ee9ea895c03dae4bc5c

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 381
cf-request-id: 09b25f934c000064bb6b244000000001
last-modified: Tue, 22 Jul 2008 02:47:01 GMT
server: cloudflare
etag: "80404d37a5ebc81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KJHQzLC2ArIMdASmRScDOTqQxzXbMgWw%2FBbhgIkvrSblfRsIhfL8D12Su0otDo%2Bh%2BeX%2Fvm2vQe3Y3vtYpPEvlDr2TeeLeqGt3uAYER3n7PfclwZCtqEK7qgttVNt"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddeb64bb-FRA

GET
H3-29 200 au_savethisresult.gif
img.shopsafe.biz/images/ 644 B
1 KB 615ms
607ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/au_savethisresult.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d1fbd3bb475cf9a095e9515e34ee9cfa0f4bc2d597b10064aecd8d858be3f0f9

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 644
cf-request-id: 09b25f934d000064bb78252000000001
last-modified: Tue, 22 Jul 2008 02:47:00 GMT
server: cloudflare
etag: "0aab436a5ebc81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Rq5cA6jxdegxQGENdI0xS%2BROixiJFIK%2BLbs%2FfFHMOeML3WkY5z%2Fcx4%2FP3vwsjKXUNzJtdRNtlGeT3kOhHHfHuZ2cc9tW5BkskFUafdxUsj%2Fe%2FiitbSM4FvG6BsO"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddec64bb-FRA

GET
H3-29 200 ajax-loader.gif
img.shopsafe.biz/images/ 2 KB
3 KB 634ms
627ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ajax-loader.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9cb121c1019e7796d00094a1f784ef2aaecb55af6088b6dba36b64f43c813588

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2545
cf-request-id: 09b25f934a000064bb61220000000001
last-modified: Fri, 11 May 2007 14:30:42 GMT
server: cloudflare
etag: "015cf4d893c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nbyln8KxVz0akhePLJXsGuhn9MonW%2Bfx571FPVOcSSMPidziLdP%2BE6YjJML6%2FLZ3hbKP7VyiEihHWorNt%2BZ24sNpMi9F2W6xhHPBYnJShLtrZSYQVCdyjLLR5YRj"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde064bb-FRA

GET
H3-29 200 shopsafe_search_result.js Show response
img.shopsafe.biz/scripts/ 15 KB
4 KB 889ms
876ms Script
application/javascript 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shopsafe.biz/scripts/shopsafe_search_result.js
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7bf9968b8521ce9f55632fea88b84ab5e3b49c238ef3803e228d6851fee8663b

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b25f934d000064bb5b164000000001
last-modified: Wed, 02 Feb 2011 03:09:34 GMT
server: cloudflare
etag: W/"bb1c3e9e86c2cb1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w14C1za2GhYZcrNbb2BsM2zNRUwThwfGxkrtSIE2hu1116CTwTNJUk01%2BW89nSj3Kpv%2BO3e0idjlcF2iTGNuUwDwrFMDVZvInHRR8L8egNxZKINHN%2FVAwJ2%2FOm5Y"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 646401fedded64bb-FRA

GET
H3-29 200 welcome.gif
img.shopsafe.biz/images/ 12 KB
12 KB 586ms
579ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/welcome.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ba54e027a6b2d500ffa0d1dd0195d295fa89bec13e664bcf419d90e542a0764

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11868
cf-request-id: 09b25f9349000064bb5f8e0000000001
last-modified: Sun, 01 Apr 2007 04:03:15 GMT
server: cloudflare
etag: "80c329ac1274c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jonfrMtlACwTB82ed0q3eGLtpkBfnIVh8xb5CyQ5gYsLqNdOcTK6XmwQkUfPecEChEwjnrg8ZOQS93cYSZfM1%2BfoRjD11XZa4PJ3qG2ne2p3KQLharjbvdUvBtaB"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedddf64bb-FRA

GET
H3-29 200 family.jpg
img.shopsafe.biz/images/ 12 KB
12 KB 612ms
605ms Image
image/jpeg 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/family.jpg
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c09f2f8c37015710d660b65a37b9993b871eff517177bfb83fa53b23ed673c27

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11898
cf-request-id: 09b25f9349000064bb5d8d9000000001
last-modified: Sat, 22 Jan 2005 04:19:00 GMT
server: cloudflare
etag: "0125f7f390c51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HkbJQg2CI%2F10kiqUIiyUA3KV%2FTGJKrNz6PLqwz4Dw%2FX4387rBuEypbayHcbSWkWgwQQqLF7NiAT42mwme6oUvkkFaSs267bAkAASFAsxlvljD8KOSBp039z20iER"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddde64bb-FRA

GET
H3-29 200 trolleysafe.gif
img.shopsafe.biz/images/ 9 KB
9 KB 648ms
641ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/trolleysafe.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8eb14b9f3fb5d7cba145200a9286f9d6c68f3a2c0139228e230b4a26c5708a56

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8967
cf-request-id: 09b25f934b000064bb61221000000001
last-modified: Sat, 22 Jan 2005 04:40:00 GMT
server: cloudflare
etag: "0d0636e3c0c51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RGa2388LdszdDGOXvfFRlo5gWLqbPlP6xjZWOt1GbXk71w1xzCoN7rvWiRIatr0e7NXsV53hI1TNCWTovmUB6V5HGCoLI4hcSXI1LpMgcPNLnGQHcxg72WkNDHai"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde164bb-FRA

GET
H3-29 200 email-decode.min.js Show response
www.shopsafe.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
15ms Script
application/javascript 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shopsafe.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d5383419d91658375cab9e20670c0c3cb1619484112
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.shopsafe.biz
referer: https://www.shopsafe.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 09b25f9350000064bb71335000000001
last-modified: Thu, 22 Apr 2021 10:48:41 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60815489-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S5q6h1AM0rJqAywNQ2pSOcCemg2CgDtFjQ43GVtoOcjJrD52e2W4L7KNUn98TTmdqWbJAH6hIVf8YOcyn52kZtu0qZbtclMhW68SYDAIyjDJ6WhaTT6jXP1xyn3x"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 646401feddf264bb-FRA
expires: Thu, 29 Apr 2021 00:41:53 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
33 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39474cc8e88ee91fb383bbe856d0b6c1a579ec557351fe3f2b48f31fc3be31b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32911
x-xss-protection: 0
server: cafe
etag: 1356821403584915245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 00:41:53 GMT

GET
H3-29 200 n4secure.gif
img.shopsafe.biz/images/ 422 B
1003 B 645ms
638ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/n4secure.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 62145007fa0a532b058e6ca56d88218a39c3e0c74f354e9beb4d6d421a1ad27b

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 422
cf-request-id: 09b25f934a000064bb7b84d000000001
last-modified: Sat, 22 Jan 2005 04:26:00 GMT
server: cloudflare
etag: "0fcb5793a0c51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s7ftxvSBa4xCVRGNDTltCiWx9JihVeGMkxBG3e64NmPeY6y4YWAnoCqyA%2BhefyatnI3X%2FXDKf9Z6mURWgvUoxhm8IKvR6DESAZW5G4P8QkXqMzcmCghq490FFNt1"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde264bb-FRA

GET
H3-29 200 ie4secure.gif
img.shopsafe.biz/images/ 726 B
1 KB 612ms
605ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ie4secure.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e47cbe85b253e32b853ef6a6dfeabff988d4b4e87f8b728fa1d7b047d052c657

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 726
cf-request-id: 09b25f934a000064bb793bf000000001
last-modified: Sat, 22 Jan 2005 04:23:00 GMT
server: cloudflare
etag: "02a6ce3a0c51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4HaAn3%2BL4ztIL8Zw64QFr8kHbCKBTwypYgKGR4zOjxucNwcvd%2FJWkmcctf63NPzqG7UAHB5yKTcsLDSmcIVF7EDtLLVG1ctDQlbuPWq0COGU1FpbkVFz%2FfMppGwM"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde364bb-FRA

GET
H3-29 200 ss_quote.gif
img.shopsafe.biz/images/ 299 B
888 B 565ms
558ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_quote.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8afc50333b09af9eb4f738d5ef854715282ae76265cbc41f8a6bebe5691fd150

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299
cf-request-id: 09b25f934c000064bb6c14f000000001
last-modified: Mon, 02 Jun 2008 04:30:38 GMT
server: cloudflare
etag: "0ab446869c4c81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XizO%2B1KKyAmzW6x5F9fcCEZb%2BEDs2S6Lp9IaFPRAopZR5ehqTMcYJliy%2FKqQwzDsX3%2BaHCjKK%2B9wkUtNjdxfZEafZDs6VRzD6RlQaCcDd4%2F%2BwBsL8HAyIs%2FsvMxG"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde564bb-FRA

GET
H2 404 banner_1s_120x45.png
www.paessler.com/static/ 0
0 209ms
187ms Image
text/html 2606:4700::6810:cd1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paessler.com/static/banner_1s_120x45.png
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cd1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ss_iconemail.gif
img.shopsafe.biz/images/ 1014 B
2 KB 610ms
603ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_iconemail.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 606e734068492015f6353b9a42ade4d851fc89fdbd97992cd0396a32ba3243d8

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1014
cf-request-id: 09b25f934b000064bb71334000000001
last-modified: Mon, 01 Sep 2008 02:52:00 GMT
server: cloudflare
etag: "0c874b4ddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mxlhwbgArlFUMMjx723fffrIIjtVUF%2B1nZkxFXnIvGQUSPjN7jcEK4ch0EYXY7%2BXbu%2FN8%2BRmRSTMfkJ1sJatm%2ByOdsHu2ywyJMy5zSfNPUgyfKYK%2FuVwIp4Y5A7E"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde664bb-FRA

GET
H3-29 200 ss_iconadd.gif
img.shopsafe.biz/images/ 307 B
888 B 617ms
611ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_iconadd.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ee02437ff3dcc9735aef972aa7d1596f05477c1e901f8347e3706d7ff10e09f

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307
cf-request-id: 09b25f934b000064bb758a8000000001
last-modified: Mon, 01 Sep 2008 02:52:40 GMT
server: cloudflare
etag: "04c4cccddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CEKhsR4Jd2xP%2BsqBrHzKzeadPK4yJAAz0gRsySzYwO4txhbkWxyGp6QIWB29G3tGvIYdUbS4B5tOntwJcycAW1IZWHOdFIQ6HWMiJRowjkC7IAgb%2BmI%2BT4VkbNb5"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde764bb-FRA

GET
H3-29 200 ss_icondelicious.gif
img.shopsafe.biz/images/ 113 B
698 B 608ms
602ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_icondelicious.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5604e64ee74cfdc1385c2acec42973653b99699497b18bbd7ba8d2f06f5283d1

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113
cf-request-id: 09b25f934b000064bb69327000000001
last-modified: Mon, 01 Sep 2008 02:53:59 GMT
server: cloudflare
etag: "80bd62fbddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C4OyE%2FUEEXT5iudHwJ71qNP2VpXLPCcbD0o%2FXFBNufiR5X6GzgSj%2FRBmdDJgMX%2BA4YyaG7VWsoxZy1frMpttdIp8YjNi7sRFWyTPygqX5plI4gBSESmKe%2Fwv1cy%2F"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde864bb-FRA

GET
H3-29 200 ss_icondigg.gif
img.shopsafe.biz/images/ 258 B
838 B 644ms
639ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_icondigg.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1012f01a55784dd5a7371d355c5640ed694d3cb2acacd4c0198da72f16fd35da

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 258
cf-request-id: 09b25f934c000064bb5ab28000000001
last-modified: Mon, 01 Sep 2008 02:52:10 GMT
server: cloudflare
etag: "0a96abaddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bYyTJngz%2FomgPXNMdHX9OSEciLTR7NOmwO0e2Qn08vOzjtzsCD4JwvKfZWvN%2BHODt5L2YZArBPcn2wLvt8RD9dzFYYhi5Nga9KUhOdfJmNiv%2BfCd0wpctNGIqRX8"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401fedde964bb-FRA

GET
H3-29 200 ss_iconreddit.gif
img.shopsafe.biz/images/ 623 B
1 KB 641ms
635ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_iconreddit.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eddc87b075c6da5d59879e245264316b47522400e2b57eead79ce913c5ac3cd8

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 623
cf-request-id: 09b25f934d000064bb63163000000001
last-modified: Mon, 01 Sep 2008 16:19:35 GMT
server: cloudflare
etag: "805e3854ecc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mPtL7Rh6mGhdFfBBxSB%2F2WbEhqlo%2BdlwxAHtxN2RFJe3DbSDaJMmXRrd5em4C5jsMfPPVZPZnlb2OPvMkb6Di4pqI3Z9bR5u0IwSwenkLfljz6zbSl9Xr7ODLsIg"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddee64bb-FRA

GET
H3-29 200 ss_iconfacebook.gif
img.shopsafe.biz/images/ 115 B
705 B 644ms
638ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_iconfacebook.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9fa4b9195cbf3532f010674fad9b6e7fd8fd895d39b49544ef4035d5cb320953

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115
cf-request-id: 09b25f934e000064bb6f092000000001
last-modified: Mon, 01 Sep 2008 02:51:51 GMT
server: cloudflare
etag: "807d17afddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NF%2BTkyS6JfG3OwUa%2Bd8NW%2BXohJ5gN3Cr1Fi%2BvCfDaJRWMgA%2B8pNw8psgKlrjjtjeVPn3jvSlfiBKD%2FJHamTE7jZV%2BJRp4od9PXBZFVIJ1rBTg5Z7GEndMphpgUOq"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddef64bb-FRA

GET
H3-29 200 ss_iconstumbleupon.gif
img.shopsafe.biz/images/ 1 KB
2 KB 618ms
612ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_iconstumbleupon.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a3ba61118a1448bc6792e92363e736f9487bb83752c7388def37c5f7abcff5eb

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1066
cf-request-id: 09b25f934e000064bb5f8e1000000001
last-modified: Mon, 01 Sep 2008 02:51:23 GMT
server: cloudflare
etag: "807679eddbc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ym8rltoVoNmZ5grOvnCmen%2BUc2uEaxTOf7jWI7HPuGlJr2sXogKZkuokx6afY%2FOEv7beNAaY32Vs%2F99pUnsl5rF1qtD2KWNFfvdJBRgi9Dfh%2FFMG8w9y87CVjqVm"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddf064bb-FRA

GET
H3-29 200 ss_icongoogle.gif
img.shopsafe.biz/images/ 1 KB
2 KB 648ms
643ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/ss_icongoogle.gif
Requested by: Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4d81639ce23fcbe90c6a4fcb3b1ede448ddf5eb635bde3021dbe67bc5c68c931

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
cf-request-id: 09b25f934f000064bb78253000000001
last-modified: Sat, 20 Sep 2008 19:07:00 GMT
server: cloudflare
etag: "0a25f541bc91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7kZ8jSvJvDPFCxbDKSGzZowz6cxcNHfEw1hmrNzKkPUwxtUoBZpCu2eb%2BXPwsFoRm11mCca090YfwJovwoIg7Ol5xq6B8%2FnXp2liqaowzdOERyhSn4hSSeVt%2BIog"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401feddf164bb-FRA

GET
H2 200 valid-xhtml10
www.w3.org/Icons/ 2 KB
2 KB 341ms
111ms Image
image/png 128.30.52.100
MIT-GATEWAYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.w3.org/Icons/valid-xhtml10

Requested by

Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

128.30.52.100 , United States, ASN3 (MIT-GATEWAYS, US),

Reverse DNS

hans-moleman.w3.org

Software

Resource Hash

8a9e64adf9351dbc0f333daae135c88d5162ed8eadf5e65801c19914ab657bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubdomains; preload

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 15:58:48 GMT
last-modified: Fri, 14 Jul 2006 01:43:32 GMT
x-backend: varnish
etag: "75a-41880ced83900;5b8ff22e2f9da"
tcn: choice
vary: negotiate,accept
content-type: image/png; qs=0.7
access-control-allow-origin: *
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=15552000; includeSubdomains; preload
accept-ranges: bytes
content-location: valid-xhtml10.png
content-length: 1882
expires: Sun, 23 May 2021 15:58:48 GMT

GET
H2 200 vcss
jigsaw.w3.org/css-validator/images/ 2 KB
2 KB 288ms
94ms Image
image/gif 2603:400a:ffff:804:801e:34:0:15
MIT-GATEWAYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jigsaw.w3.org/css-validator/images/vcss

Requested by

Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:400a:ffff:804:801e:34:0:15 , United States, ASN3 (MIT-GATEWAYS, US),

Reverse DNS

Software

Jigsaw/2.3.0-beta4 /

Resource Hash

a5e988ededb2aa6ac2fbada686f36a5185bcfa983e316729a4540fb87ec54a0b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
Strict-Transport-Security	max-age=15552015; includeSubDomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 14:41:23 GMT
content-md5: ZMFf26sMyqX3mHU4H/zPhg==
strict-transport-security: max-age=15552015; includeSubDomains; preload
content-length: 1547
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
last-modified: Mon, 08 Feb 2016 20:34:17 GMT
server: Jigsaw/2.3.0-beta4
x-frame-options: deny
etag: "178shp7:1a2k1jdo8"
vary: Accept
content-type: image/gif
cache-control: max-age=518400
accept-ranges: bytes
content-location: https://jigsaw.w3.org/css-validator/images/vcss.gif
expires: Fri, 30 Apr 2021 14:41:23 GMT

GET
H2 200 ss_banner.jpg
img.shopsafe.com.au/images/ 28 KB
29 KB 915ms
876ms Image
image/jpeg 2606:4700:3037::6815:2b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.com.au/images/ss_banner.jpg
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafev11_0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05987e5c3bcbf5eec9abcc5150fceeb934c554d704a5ba0968b030dae1f33b0f

Request headers

Referer: https://img.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28748
cf-request-id: 09b25f936c00004e79f9931000000001
last-modified: Mon, 02 Jun 2008 04:30:33 GMT
server: cloudflare
etag: "80ba496569c4c81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RvgevbU29lllzadJco%2BHSPSb%2FBSYm1XutqV8JYoKUoB262pf2OZH6BY54PNrPvo9N7ILqOZzD57lWNBvnwtcgNg%2Fq1gIrHkYf%2BsCdwCpn7ISnGWcFyTFvfvaaSV4krZ9"}]}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646401ff19074e79-FRA

GET
H3-29 200 atshopsafeau.gif
img.shopsafe.biz/images/ 921 B
1 KB 577ms
576ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/atshopsafeau.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b62eeb792b2e9bc0d6a455d82a6518c786b18a2ebc44261bae18a71ceb08645f

Request headers

Referer: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 921
cf-request-id: 09b25f96bb000064bb6122e000000001
last-modified: Sun, 01 Apr 2007 21:04:01 GMT
server: cloudflare
etag: "80b69f45a174c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z4MpBo6xB4QrkliGgALsdbBwtslXI2PhF136V4ArtIYJzImoJewdvg%2BIsp0L4lQ6DGvaNgzUjSw1PQgMRCYmq0jqXHgjLydxRQqU%2FYGELJHL6hnjNep1gpK3%2Faol"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402045e8a64bb-FRA

GET
H3-29 200 atshopsafeus.gif
img.shopsafe.biz/images/ 2 KB
2 KB 571ms
570ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/atshopsafeus.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a89765610f28906f30035dd5f47ef8f65bf9ff787b37dc18beab2c2556cc1818

Request headers

Referer: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1536
cf-request-id: 09b25f96bc000064bb793cc000000001
last-modified: Sun, 01 Apr 2007 21:04:25 GMT
server: cloudflare
etag: "80d2ed53a174c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i5a6h58OJKUh5SFqC8w0hnfDvtbBFmuh6%2FLvr%2BxZHTKTc8Mm4KfyPavUR37lRt4wlsJ7e5RmZQbFZj3q2hML1mLSWhx61n6cHsWSUjDU5xa373rMOCHI6uVG46O0"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402045e8b64bb-FRA

GET
H3-29 200 atshopsafenz.gif
img.shopsafe.biz/images/ 826 B
1 KB 582ms
582ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/atshopsafenz.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 08f51f3659480e64e2b859eabf684c22c4a1887ce37e5abc02cc992834c93c2a

Request headers

Referer: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 826
cf-request-id: 09b25f96bc000064bb7b858000000001
last-modified: Sun, 01 Apr 2007 21:04:13 GMT
server: cloudflare
etag: "80c4c64ca174c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5NkrlVj%2FG4OLXPteupQwxDGY5LlcTRFvQWBzgp2BXeERZ4IO4J47puTDAv4fDfjUT%2F6Cmk91k3Hns7td9IBHLmK%2BdHSSD4WgtglO%2Bp6Yu%2BxC4W%2F2xn3pv6Vv956J"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402045e8c64bb-FRA

GET
H3-29 200 atshopsafeuk.gif
img.shopsafe.biz/images/ 903 B
1 KB 571ms
570ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/atshopsafeuk.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dad2e7135263e2d9288d7f483d90f18c6cd9c048742ad9f9dcb783fa9dcfd7e7

Request headers

Referer: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 903
cf-request-id: 09b25f96bc000064bb5d8e8000000001
last-modified: Sun, 01 Apr 2007 21:04:19 GMT
server: cloudflare
etag: "804b5a50a174c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GgcDwURPbbl%2FSQd3yMGTNAJRF7N5eaKqrUClBq2tcBsWa6XsTc8pP7z2HdbQNWQHMVZW4LfQ5spxWHux1gGJmc9sP6MXQEP%2B0xS5J8pkuvw8P98sa10Nnelqn5pK"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402045e8d64bb-FRA

GET
H3-29 200 atshopsafebiz.gif
img.shopsafe.biz/images/ 1 KB
2 KB 569ms
568ms Image
image/gif 2606:4700:3037::ac43:c81b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.biz/images/atshopsafebiz.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c81b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c375c5226f945bc47daeddd48c04f6e85b3c2afcf859e3aec021f5d7673978c9

Request headers

Referer: https://img.shopsafe.biz/scripts/shopsafe_frontpage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1176
cf-request-id: 09b25f96bc000064bb6c15c000000001
last-modified: Sun, 01 Apr 2007 21:04:07 GMT
server: cloudflare
etag: "803d3349a174c71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TRWOYJPW%2FbQm9XmoB32AmNik9ea4vZn1oiJnn8dmmDDXHP4Xa%2Bo0QrcjLZoF7xfM0xgSeEg6SmYM4omyNJGVNvkDZfsPfZNPs6tBRkypx8wgoDjb2bvMc0zaqdPU"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402045e8e64bb-FRA

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-9633526881897747&plah=www.shopsafe.biz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 00:41:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame F9F8 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Apr 2021 19:34:12 GMT
expires: Mon, 10 May 2021 19:34:12 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 18462
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 au_arrow-list.gif
img.shopsafe.com.au/images/ 48 B
518 B 543ms
543ms Image
image/gif 2606:4700:3037::6815:2b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.com.au/images/au_arrow-list.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafev11_0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18e798782442892a5b5a1106f7b6d66bd97518244a58665901314fdf1cceeeb2

Request headers

Referer: https://img.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48
cf-request-id: 09b25f96d300004e79b11cf000000001
last-modified: Mon, 02 Jun 2008 04:29:20 GMT
server: cloudflare
etag: "0d0c63969c4c81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xZ5IHK4vz6Uhfogb52L6CMPtwRKSowVgMFaXWYnultuL92o26ejltWM3x%2Fdc9aQFIG0K4izf58AZ6P1lPF7UuZ%2F%2B28BDQNys61zYKgPpC%2FXBet01tx1UT54a%2FSKwz4nU"}]}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 646402048f044e79-FRA

GET banners.php
banners.shopsafe.biz/banners/ Frame EFCA 0
0

GET
H3-29 200 au_bg-link-button.gif
img.shopsafe.com.au/images/ 53 B
783 B 557ms
544ms Image
image/gif 2606:4700:3037::6815:2b5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.shopsafe.com.au/images/au_bg-link-button.gif
Requested by: Host: img.shopsafe.biz
URL: https://img.shopsafe.biz/scripts/shopsafev11_0.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6e0733d886a9010e105ac97e0377bfd75a616726a043a264e05f4172c1d9c03b

Request headers

Referer: https://img.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53
cf-request-id: 09b25f96eb00001e473ea1a000000001
last-modified: Mon, 02 Jun 2008 04:29:20 GMT
server: cloudflare
etag: "0d0c63969c4c81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J7%2Bs1UyNZSFEXsekHBNbKSTcwId9QRhxAiiNME01Eec7IzRbhf0fQah%2FaHcB6eTCGzq9jf%2FUzCY2PQQqk3cOSOyzLAJzKtJqSHthfOiB0E%2FcKIOSyDoTdDR%2BU6FbYsKq"}],"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64640204ad0c1e47-FRA

GET banners.php
adlink.shopsafe.biz/dev/ Frame FFBD 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.shopsafe.biz
URL: https://www.shopsafe.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1662
date: Tue, 27 Apr 2021 00:14:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 27 Apr 2021 02:14:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
642 B 87ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.shopsafe.biz&callback=_gfp_s_&client=ca-pub-9633526881897747

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-9633526881897747&plah=www.shopsafe.biz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3805bc49f7b6864eceb31f9a46cf465c64ec5a89795f69be8e02bef39c462f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.shopsafe.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.shopsafe.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EA5 66 KB
23 KB 239ms
225ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=1845587747&adf=115714602&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114623&bpp=15&bdt=1498&idt=70&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8182268420951&frm=20&pv=2&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=701&ady=2023&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=czFptiR0QX&p=https%3A//www.shopsafe.biz&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffd3c3b31fb40d3c2b8b407297204209d594184e7b9327f3cc7cfd76ae140b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=1845587747&adf=115714602&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114623&bpp=15&bdt=1498&idt=70&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8182268420951&frm=20&pv=2&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=701&ady=2023&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=czFptiR0QX&p=https%3A//www.shopsafe.biz&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 00:41:54 GMT
server: cafe
content-length: 23530
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 00:56:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:54 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BCD6 58 KB
20 KB 470ms
468ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

508a6eadc4add2b302d40f7310e58c4c5c517d1dd6e5263c4cb5ff1aab5821c1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNepg7uYnfACFQXvdwodxFwCwg&gqi=0l2HYJ7LLNOrgQenmr3QAg&layout=/sadbundle/%24csp%253Der3%24/15398077775290040320/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNepg7uYnfACFQXvdwodxFwCwg&gqi=0l2HYJ7LLNOrgQenmr3QAg&layout=/sadbundle/%24csp%253Der3%24/15398077775290040320/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 00:41:55 GMT
server: cafe
content-length: 20291
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 00:56:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE9D 60 KB
22 KB 450ms
449ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a79827cc035938a181437352158fbd13cff9a2aa8db702e7154ccbb0bad3c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 00:41:55 GMT
server: cafe
content-length: 22756
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 00:56:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 5EA5 6 KB
765 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=1845587747&adf=115714602&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114623&bpp=15&bdt=1498&idt=70&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8182268420951&frm=20&pv=2&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=701&ady=2023&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=czFptiR0QX&p=https%3A//www.shopsafe.biz&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:15:18 GMT
server: ESF
date: Tue, 27 Apr 2021 00:41:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:41:54 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5EA5 1 KB
990 B 38ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 23:37:22 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 5EA5 17 KB
7 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:31:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5EA5 2 KB
1 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EA5 116 KB
35 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5EA5 13 KB
6 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:33:16 GMT

GET
H2 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 5EA5 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 102210
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Sat, 24 Jul 2021 20:18:24 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/2204030107570158595/ Frame 5EA5 56 KB
57 KB 32ms
18ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2204030107570158595/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd715ff4bf7944e105722a5659d34e3cb80ad816f0a616c0dd8c07035821510c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 04:50:06 GMT
x-content-type-options: nosniff
age: 503508
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57680
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 08:20:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 04:50:06 GMT

GET
DATA 200
OK truncated
/ Frame 5EA5 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8027eb062751325f13f8d7c96950fd0375206c37038cc39b7b1bcf84401842

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EA5 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaT2o0l2HYPX3LJeSrATH87SID5L_xrJikeq82cQNpIX41OIMEAEg_ZD1AWCVAqAB4prxjgPIAQmpAoG9O9s7R7Q-qAMByAPLBKoEugFP0BwMLdvuD32KFL5BZR6HRzYEmzdOCr2oUuR8Uxzv7GwmbhM4BzXSEki2il4t21Q6veattTtxDHM_wUjpR07M1P8DD65CWJvhAZg79oW0Vr8Zk72NsjuO3eeS4Z1echbzQkQ2IVLvQPoA2s88qntEc21HjyS2jJldo8twcIaGhw_UaZ176XHmSZ6UeTHZajUeluXho0ysIwOIntokjcbvQIg2gNOTuUWMoRuNp9Ji2yRUdU3a9iAoSy3ABLautd_FAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeG5Y5xqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEI3lDNIICQiA4YAQEAEYH4AKAcgLAdgTDYgUA7IXGgoYCAASFHB1Yi05NjMzNTI2ODgxODk3NzQ3&sigh=JfuZOpZUW_A&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=1845587747&adf=115714602&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114623&bpp=15&bdt=1498&idt=70&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=8182268420951&frm=20&pv=2&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=701&ady=2023&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=czFptiR0QX&p=https%3A//www.shopsafe.biz&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Apr 2021 00:41:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:54 GMT

GET
DATA 200
OK truncated
/ Frame 5EA5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1304a5f0f9d74005180d2edf55ebda89544021f549dcbf888b769ba71e11ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5EA5 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 428303
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:43:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5EA5 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 378386
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5EA5 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 159512
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 25 Apr 2022 04:23:23 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 82E0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 22:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 96026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 22:01:29 GMT

GET
H3-29 200 10111854355321866607
tpc.googlesyndication.com/daca_images/simgad/ Frame DE9D 37 KB
37 KB 26ms
11ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10111854355321866607

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a76604c7200a3e9a82aa8ba7f6b2277852fc1728366ef36597ec31ad92977eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 01:12:39 GMT
x-content-type-options: nosniff
age: 257356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 13:29:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Apr 2022 01:12:39 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame DE9D 17 KB
7 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:31:37 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DE9D 2 KB
1 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE9D 116 KB
35 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:55 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DE9D 13 KB
5 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:33:16 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame DE9D 25 KB
10 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 16:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 May 2021 16:40:27 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE9D 0
0 20ms
19ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJqSB0l2HYMiqLc6RrASQn77IDtWx4rli7e-T6scNloLNhYgWEAEg_ZD1AWCVAqAB-fDJ-QPIAQKpAim70d5zU7c-qAMByAPJBKoEwgFP0MX9_R3oWwrYi8hLOGg-AGAUCfKYgcZcIU7EX_kV_9QgXmvAkGgQFR1rktpsQeFQ0fBFnPsREp0FA8Ut8dmQfGoxX08ge2xMsMSMwcm0NFs93gq2aiRis0KRMHn8CbdjUCtQbPrucaYsD2ddZzAkfUO4o9nYy20azOMmgGre4Yy2WkoFf3Jxm1BPvWnZx6BIsoen2ADRymXP2gWSDltnVKlxPHIxGm9CxVqZKAb4UbB-eVFJ3RU6WnnaAPzS2-lqwsAEvajFgbADkgUECAQYAZIFBAgFGASgBgKAB_7QhDGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQy5sG0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTk2MzM1MjY4ODE4OTc3NDc&sigh=RANwzeUQOkc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Apr 2021 00:41:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BCD6 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1090
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCD6 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:55 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame BCD6 13 KB
5 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 00:33:16 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/ Frame 7EF6 405 KB
46 KB 10ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36c05d80c1c0437180e33263d579b17e8ca71e65f0a030e13b344b1c12c77c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15398077775290040320/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 26 Apr 2021 09:36:08 GMT
expires: Tue, 26 Apr 2022 09:36:08 GMT
last-modified: Mon, 26 Apr 2021 09:35:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 46879
age: 54347
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BCD6 0
0 23ms
16ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaeM20l2HYNf4LIXe3wPEuYmQDI-g5Lli_b_B9ckNloLNhYgWEAEg_ZD1AWCVAqAB1NDQlwPIAQmpAuug10puSbQ-qAMByAMCqgTAAU_QXOkuqbjoC2yKyGGtTPpXz9UJ6RcG8RofyYwlwPUWUv7k9PACEd96of-Rnx0IyIFAzYstE3zZXn-UBIDKcP_D4ctaW8VvQ2LS3pTpCSN4ACNtUxmAQVgLyafNWKTLLZm6L2RlJ3_HCFiYIECuNw6JplEMPrRwKLNro46wqX9EsLXhhK_6poYnYeBJ0HylDIhd0zp67jPLXUwvED2bpujdHjl1vqfi1o7cmed_Rpq0edMMw_PF-glB7VuNV2T0mcAEpo3z278DkgUECAQYAZIFBAgFGASgBl2AB8v_3GyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhosY0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk2MzM1MjY4ODE4OTc3NDc&sigh=Y2Z4FE4ebeQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Apr 2021 00:41:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E56 143 B
163 B 12ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=280&adk=89452153&adf=1024854124&w=336&lmt=1396844198&channel=8300711630%2B7899205297&ad_type=text_image&format=336x280_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114643&bpp=5&bdt=1518&idt=72&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=73dyhvPJiW&p=https%3A//www.shopsafe.biz&dtd=75

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 27 Apr 2021 00:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 756
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E0F 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&h=600&adk=3099249962&adf=1445722802&w=160&lmt=1396844198&channel=3348422390%2B2119580406&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=478AD4&color_text=000000&color_url=FF6600&url=https%3A%2F%2Fwww.shopsafe.biz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484114654&bpp=3&bdt=1529&idt=69&shv=r20210422&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=8182268420951&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1110&ady=782&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3103548062802381&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=l0ywmGHcsa&p=https%3A//www.shopsafe.biz&dtd=72

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 27 Apr 2021 00:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 756
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DE9D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f13cfd524ffc64dd7f79b2a283efaede74890cb857c1831568eafb4ae7dd255

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BCD6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86d1d396eee5775325ba5890d3faa9b93c3d24fb37c3715ece1ef3afa5e36d2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7EF6 2 KB
566 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 00:08:17 GMT
server: ESF
date: Tue, 27 Apr 2021 00:41:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:41:55 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E56
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 00:41:55 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 27-Apr-2021 01:41:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 00:41:55 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E0F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
15ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 00:41:55 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 27-Apr-2021 01:41:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 00:41:55 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame DE9D 54 KB
21 KB 80ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4fc2efe8d590d037af61708b1ff76c79ca06c4d1c8f7942dd3ab4ae2b48e8ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2543
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20834
x-xss-protection: 0
server: cafe
etag: 3643018968265034572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 00:59:32 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7EF6 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7EF6 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 23:11:01 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7422 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 22:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 96026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 22:01:29 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame 7EF6 18 KB
18 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 03:36:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
age: 162324
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
expires: Mon, 25 Apr 2022 03:36:31 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b84b102eb26834d8a04db19b6422412ec1966d9771bffe48910b3f9cca280b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48190
x-xss-protection: 0
server: cafe
etag: 1944722452572810353
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 00:41:55 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 32ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15edaba2cc660f592c35be518ef7637a5135a45b5680c3807e25e73c1ecb8ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0

GET
H3-29 200 Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/ Frame 7EF6 8 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/Grover_Logo_Claim-top-White.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 54347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2144
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 09:35:05 GMT
server: sffe
date: Mon, 26 Apr 2021 09:36:08 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 09:36:08 GMT

GET
H3-29 200 sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/ Frame 7EF6 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/sim.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 09:35:05 GMT
server: sffe
date: Mon, 26 Apr 2021 09:36:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 09:36:08 GMT

GET
H3-29 200 phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/ Frame 7EF6 48 KB
48 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/phones_2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48894
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 09:35:05 GMT
server: sffe
date: Mon, 26 Apr 2021 09:36:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 09:36:08 GMT

GET
H3-29 200 1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/ Frame 7EF6 26 KB
26 KB 10ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15398077775290040320/1phones.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26884
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 09:35:05 GMT
server: sffe
date: Mon, 26 Apr 2021 09:36:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Apr 2022 09:36:08 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE9D 0
20 B 15ms
14ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:41:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DE9D 0
331 B 415ms
42ms Ping
image/gif 172.217.168.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~knzb10vr&e=21068133&ctx=2&gqid=0l2HYMnxLP6Kx_AP0sqf4Ak&qqid=CMjbg7uYnfACFc4IiwodkI8P6Q&met.4=fb.cu~lb.e5~ol.fb~bdt.-18h~bpp.-1x~idt.-3~dtd.0~dt.-20&met.3=739.e6~736.ep~735.ew_1~740.ex~740.ey~555.f0~556.f0_1~738.f8~740.ho~113.i9_3~112.i8_4&met.1=1.knzb10di~6.1~7.1~8.1~9.1~10.1~12.2~13.cj~14.co~15.cm~16.e6~17.e6~18.e7~19.f9~20.f9~21.fc~22.d3~23.ev&met.7=CAUQCBgBMMcDOKcEaAJwwgN4_rEBgAHksQGIAYLjA7ABAbgBAw~CBcQBhgBIM0DKM0DMO4DOCFo3ANw5wN4rqoCgAGQqgKIAZCqArABAbgBAw~CBwQChgBIM0DKM0DMOoDOB1o3QNw6AN4jzeAAfQ2iAGiiAGwAQG4AQM~CBwQChgBIM0DKM0DMOgDOBto3QNw5gN4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIM0DKM0DMOYDOBk~CBwQChgBIM0DKM0DMOcDOBlQ0QNY3ANg0QNo3ANw5AN4_yuAAeQriAHbZbABAbgBAw~CBwQChgBIM0DKM0DMO4DOCFo3ANw5gN4z1GAAbRRiAGkyAGwAQG4AQM~CCEQBBgBINADKNADMOYDOBZo0wNw5QN4EbABAbgBAw~CCgQBRgBIOwDKOwDMPQDOAdo7gNw8wN4owGAAZEBiAGPAbABAbgBAw~CCgQChgBIKkEKKkEMIoFOGFAqwRIqwRQqwRY4gRguQRo4gRw-QR4j6cBgAHiogGIAfutA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.168.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s15-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:41:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.shopsafe.biz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.shopsafe.biz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB04 0
19 B 17ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9633526881897747&output=html&adk=1812271804&adf=3025194257&lmt=1396844198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=8300711630%2B7899205297&format=0x0&url=https%3A%2F%2Fwww.shopsafe.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484115413&bpp=4&bdt=2288&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D951094397948be8a-22b6841df1c70068%3AT%3D1619484114%3ART%3D1619484114%3AS%3DALNI_MYJY2iEZG_ascYzkBzA1maZkrXceQ&prev_fmts=336x280_as%2C336x280_as%2C160x600_as&nras=1&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_LIY2i6rw1QIOtoOJAvK7Px6wpaE0mJsh_iZzuwpWPynPSRrevYcb7ptCvujtHaVFYFB6VLHXy1t0%2CAGkb-H8P829KGXHmWhuMYXRP8gPTNzVvvhv7tF6_M0-oWIbZd51_PTsBEZGhsmvlPhItHopn3-n0nu2jn_U%2CAGkb-H-eRPZ0gIHsY0LtFIuxf2CqUwDEJSOwrkT11NP1Z_xx_pbambSiK2JmXhLFvoLkqs4OyJ6peDD1W1s&pvsid=3103548062802381&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9633526881897747&output=html&adk=1812271804&adf=3025194257&lmt=1396844198&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=8300711630%2B7899205297&format=0x0&url=https%3A%2F%2Fwww.shopsafe.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619484115413&bpp=4&bdt=2288&idt=4&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D951094397948be8a-22b6841df1c70068%3AT%3D1619484114%3ART%3D1619484114%3AS%3DALNI_MYJY2iEZG_ascYzkBzA1maZkrXceQ&prev_fmts=336x280_as%2C336x280_as%2C160x600_as&nras=1&correlator=8182268420951&pv_ch=8300711630%2B7899205297%2B&frm=20&pv=1&ga_vid=330613105.1619484115&ga_sid=1619484115&ga_hid=371922901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H_LIY2i6rw1QIOtoOJAvK7Px6wpaE0mJsh_iZzuwpWPynPSRrevYcb7ptCvujtHaVFYFB6VLHXy1t0%2CAGkb-H8P829KGXHmWhuMYXRP8gPTNzVvvhv7tF6_M0-oWIbZd51_PTsBEZGhsmvlPhItHopn3-n0nu2jn_U%2CAGkb-H-eRPZ0gIHsY0LtFIuxf2CqUwDEJSOwrkT11NP1Z_xx_pbambSiK2JmXhLFvoLkqs4OyJ6peDD1W1s&pvsid=3103548062802381&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 00:41:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:41:55 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F65B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 26 Apr 2021 22:16:43 GMT
expires: Tue, 26 Apr 2022 22:16:43 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8712
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC86 783 B
532 B 26ms
25ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c18543aa8b786a9b3a7f1ea9f1df0c4f7bc8c9fc35c8481d4cdd8e692e412f8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iYmSc43TQWvreOgMM1xDGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.shopsafe.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.shopsafe.biz/

Response headers

expires: Tue, 27 Apr 2021 00:41:55 GMT
date: Tue, 27 Apr 2021 00:41:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-iYmSc43TQWvreOgMM1xDGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame F65B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 22:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 96026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Mon, 25 Apr 2022 22:01:29 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=3103548062802381&bg=!OzilOHzNAAZUuIlwVLg7ACkAdvg8Wh9KdJn-n5sSHnATaRmS_SKT8H527hPB04Bw2NHfO7u2pIJQvwIAAABEUgAAAAtoAQcKAW21-gsldwNuz3wc_qv5dcmv0BlJTOaQqF4E8X_CH7U36fsHS4EGv_dSqYpBxEQ4KzPucAYrFhJNJl8CTncGMw6UbPuhLC9r8bUqBRFFHfl4ZTKwYsNuQdVkWooqtqcZ8fWwGRpqvGsliV3QykmZZ8QKzhu7vmkQLWh6kXFYl5g3XXX3NX51ZI_3HYKqYlEs1mmmO39OGVI9eWENZxpB7mVGv5qXPS3iq9N3ziTugFpDQiyGK-OmtOjemQwp92HtqRDQVbq-oBAaFfNRxhwtt7Qs94s8egRB1GfnGBDpf_CriJWakvpIcQxViKF2rzSC0wlmraUhwfzDaMe3HcOlZmqzl1KY7JcwPd5FU1lhktqs9eCkdyAT7XC7GlvOUKhLItAJYHp-Tn0J_FKEiXB5quXSM1xiwn-29497rMAd8nDzD4oO0bvmcYAsAc71idtRzlLi-iJAqSMo7yuoPD6nBPQmzQ-ZNyTleUHMHS121ZkCJAtghV2LoaQn_8Rid0Dw0GCsps6dY5-2m3MewqoJsXayfcB0W6ouEXPobqz9dnuBh7qqy4TD8KbHBWfpg_xC5hfeIfGPtCZaaacE6UkmkOldvkHtZs2vTewmX-sbARVl5SCSdIqcsDDFO_YosYJrZDzMpIDfbRW7rQ7eyuJrUcMMVUqyZZvK5e7FBDFbNxbB4SbSi_bfL1QcLZ1jhYvpI4oETs68S9OUjiOn2x6mPafkYHctBt82HYSXsP-hwic95BkmXdieoTC051LqWDJYIG-LhdJYeW4zGhx_60oPf-i0-GPisE0e1UaARnV81NXLpzt9XYF8YXjXxeYQuz_hyFDgsOnyZEH9PeaMv3i-qQcPM8zGD0qZ_IeGBERo6Hx0NH0HAlXQ80chj_fSEPma79zavyKgzZ6XP2qwqg-X_5Iiugn0iV-5_jTnHH0hO1nMlSh-0AKglJ64ZwVN52mWdkblT-J0s1kNYhrtPR5UJgSgKuik_hwOpiLuMHfzjBCveBcuiza_xFvQjLqKh03Dwq0hb6XBVhlYcFYiiumOkOWAH4jlvtZ2oozvpaLKU83ajcgHkIglYWg5ZdCiT876Z3VsVsh15nVmn7tyfxzg2GFSihy1QpaFuJeVDUKU3A3xTo-Tb0iKipJ-VI4bCzad1M1deXqUwqYpBggBmS5S8Ao5eAk78cQgVcz5l91FFst3eZQrBldOOyR915vJHySdI7vDwvpe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shopsafe.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:41:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE9D 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth0rX8Ol5vlcqZueiBiABaVrqecmiDcxNC4gYyV9VWjKbD30pxpFtycUlCNe6dayys9ff_lXjKYAWArkx_7tLKb6J2v86E5NLC3A4eoeL4dcHrFsIokeXiADKm4Q&sai=AMfl-YRRMxWUtHjuUTWMhxuPi9PBRzkbLC1iY1wzd0jusV6Nx5uTW9mzMolcM90xFCyoGl0ptfMMUFj4Pu03&sig=Cg0ArKJSzJ7DyN3vZEAbEAE&id=lidar2&mcvt=1000&p=782,1110,1382,1270&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&app=0&itpl=4&adk=3099249962&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619484114726&dlt=454&rpt=44&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:41:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banners.shopsafe.biz
URL: https://banners.shopsafe.biz/banners/banners.php?type=125

Domain: adlink.shopsafe.biz
URL: https://adlink.shopsafe.biz/dev/banners.php?type=160A

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:51:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 17:51:25	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 03:13:00	Name: IDE Value: AHWqTUnDnli4a84JDwFpprZZqJaZd6hB0QCiSzw_kXuzprz127xhbDBzDCmfqfdCvPo
.shopsafe.biz/	1970-01-20 03:13:00	Name: __gads Value: ID=951094397948be8a-22b6841df1c70068:T=1619484114:RT=1619484114:S=ALNI_MYJY2iEZG_ascYzkBzA1maZkrXceQ
.shopsafe.biz/	1970-01-19 18:34:36	Name: __cfduid Value: d5383419d91658375cab9e20670c0c3cb1619484112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adlink.shopsafe.biz
adservice.google.com
adservice.google.de
banners.shopsafe.biz
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.shopsafe.biz
img.shopsafe.com.au
jigsaw.w3.org
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.paessler.com
www.shopsafe.biz
www.w3.org
adlink.shopsafe.biz
banners.shopsafe.biz
128.30.52.100
142.250.186.66
172.217.168.67
2603:400a:ffff:804:801e:34:0:15
2606:4700:3037::6815:2b5b
2606:4700:3037::ac43:c81b
2606:4700::6810:cd1e
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
05987e5c3bcbf5eec9abcc5150fceeb934c554d704a5ba0968b030dae1f33b0f
08f51f3659480e64e2b859eabf684c22c4a1887ce37e5abc02cc992834c93c2a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ee02437ff3dcc9735aef972aa7d1596f05477c1e901f8347e3706d7ff10e09f
1012f01a55784dd5a7371d355c5640ed694d3cb2acacd4c0198da72f16fd35da
119b599cc28d39fe7d16f2743f4498c83a63b3d5f17ca5763b182bd2f2d1c933
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15edaba2cc660f592c35be518ef7637a5135a45b5680c3807e25e73c1ecb8ebe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e798782442892a5b5a1106f7b6d66bd97518244a58665901314fdf1cceeeb2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e67d475784a7670417e4048b97d660b284b7c16e2378905d65a1ffbd5df5096
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35f40ee1b1beb6053a760d151f704bfe7824326356de72cffa4b505a0a4a704c
39474cc8e88ee91fb383bbe856d0b6c1a579ec557351fe3f2b48f31fc3be31b0
3a0c1110f474cd87467ee5b4a04e84e301f7fcaaff4c9ee9ea895c03dae4bc5c
3ba54e027a6b2d500ffa0d1dd0195d295fa89bec13e664bcf419d90e542a0764
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
41006684aada371ac3c82a399f2c805e99d51084e1a61453ada651b3483021b1
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4d81639ce23fcbe90c6a4fcb3b1ede448ddf5eb635bde3021dbe67bc5c68c931
4fc2efe8d590d037af61708b1ff76c79ca06c4d1c8f7942dd3ab4ae2b48e8ee9
508a6eadc4add2b302d40f7310e58c4c5c517d1dd6e5263c4cb5ff1aab5821c1
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
5604e64ee74cfdc1385c2acec42973653b99699497b18bbd7ba8d2f06f5283d1
58b84b102eb26834d8a04db19b6422412ec1966d9771bffe48910b3f9cca280b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
606e734068492015f6353b9a42ade4d851fc89fdbd97992cd0396a32ba3243d8
62145007fa0a532b058e6ca56d88218a39c3e0c74f354e9beb4d6d421a1ad27b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a79827cc035938a181437352158fbd13cff9a2aa8db702e7154ccbb0bad3c91
6e0733d886a9010e105ac97e0377bfd75a616726a043a264e05f4172c1d9c03b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7bf9968b8521ce9f55632fea88b84ab5e3b49c238ef3803e228d6851fee8663b
7f13cfd524ffc64dd7f79b2a283efaede74890cb857c1831568eafb4ae7dd255
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
86d1d396eee5775325ba5890d3faa9b93c3d24fb37c3715ece1ef3afa5e36d2e
8a8027eb062751325f13f8d7c96950fd0375206c37038cc39b7b1bcf84401842
8a9e64adf9351dbc0f333daae135c88d5162ed8eadf5e65801c19914ab657bab
8afc50333b09af9eb4f738d5ef854715282ae76265cbc41f8a6bebe5691fd150
8eb14b9f3fb5d7cba145200a9286f9d6c68f3a2c0139228e230b4a26c5708a56
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
9cb121c1019e7796d00094a1f784ef2aaecb55af6088b6dba36b64f43c813588
9fa4b9195cbf3532f010674fad9b6e7fd8fd895d39b49544ef4035d5cb320953
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a3ba61118a1448bc6792e92363e736f9487bb83752c7388def37c5f7abcff5eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a5e988ededb2aa6ac2fbada686f36a5185bcfa983e316729a4540fb87ec54a0b
a76604c7200a3e9a82aa8ba7f6b2277852fc1728366ef36597ec31ad92977eab
a89765610f28906f30035dd5f47ef8f65bf9ff787b37dc18beab2c2556cc1818
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b62eeb792b2e9bc0d6a455d82a6518c786b18a2ebc44261bae18a71ceb08645f
bd715ff4bf7944e105722a5659d34e3cb80ad816f0a616c0dd8c07035821510c
c09f2f8c37015710d660b65a37b9993b871eff517177bfb83fa53b23ed673c27
c18543aa8b786a9b3a7f1ea9f1df0c4f7bc8c9fc35c8481d4cdd8e692e412f8a
c36c05d80c1c0437180e33263d579b17e8ca71e65f0a030e13b344b1c12c77c6
c375c5226f945bc47daeddd48c04f6e85b3c2afcf859e3aec021f5d7673978c9
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb1da0aa644f3aa14e29e3c55525bdb61193d90b1a1ef36505bf8086e7da09e1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d19f9fecb7afdf0fcc8c1f4a8d4c1b46f9108cc294c581a64794647b37717672
d1fbd3bb475cf9a095e9515e34ee9cfa0f4bc2d597b10064aecd8d858be3f0f9
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
dad2e7135263e2d9288d7f483d90f18c6cd9c048742ad9f9dcb783fa9dcfd7e7
e3805bc49f7b6864eceb31f9a46cf465c64ec5a89795f69be8e02bef39c462f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47cbe85b253e32b853ef6a6dfeabff988d4b4e87f8b728fa1d7b047d052c657
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ea1304a5f0f9d74005180d2edf55ebda89544021f549dcbf888b769ba71e11ee
eddc87b075c6da5d59879e245264316b47522400e2b57eead79ce913c5ac3cd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ffd3c3b31fb40d3c2b8b407297204209d594184e7b9327f3cc7cfd76ae140b48

www.shopsafe.biz Open in urlscan Pro 2606:4700:3037::ac43:c81b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

83 %IPv6

13 Domains

22 Subdomains

19 IPs

2 Countries

918 kBTransfer

2214 kBSize

5 Cookies

15 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.shopsafe.biz Open in urlscan Pro
2606:4700:3037::ac43:c81b Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

22
Subdomains

19
IPs

2
Countries

918 kB
Transfer

2214 kB
Size

5
Cookies

101 HTTP transactions
4 data transactions