ena4pbsr.ar4tc.com Open in urlscan Pro
2a02:4780:11:1358:0:1607:6d7d:2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ena4pbsr.ar4tc.com/
Submission: On December 20 via api (December 20th 2023, 11:05:35 am UTC) from US — Scanned from US

Summary HTTP 92 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 92 HTTP transactions. The main IP is 2a02:4780:11:1358:0:1607:6d7d:2, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is ena4pbsr.ar4tc.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 20th 2023. Valid for: 3 months.

This is the only time ena4pbsr.ar4tc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:11:... 2a02:4780:11:1358:0:1607:6d7d:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
21	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
2 11	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::65	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
23	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
4	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
3 4	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
4	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c09::69	15169 (GOOGLE) (GOOGLE)
2 3	172.253.62.149 172.253.62.149	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::95	15169 (GOOGLE) (GOOGLE)
3 3	54.80.35.249 54.80.35.249	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9a	15169 (GOOGLE) (GOOGLE)
92	19

1 2a02:4780:11:1358:0:1607:6d7d:2 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)

ena4pbsr.ar4tc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c19::9b (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.76 (Jersey City, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::69 (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::95 (Washington, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.80.35.249 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-35-249.compute-1.amazonaws.com

dc.arrivalist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	583 KB
22	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	202 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	141 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	225 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
3	arrivalist.com 3 redirects dc.arrivalist.com — Cisco Umbrella Rank: 10196	1 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	25 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
1	ar4tc.com ena4pbsr.ar4tc.com	3 KB
92	14

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net ena4pbsr.ar4tc.com ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
21	pagead2.googlesyndication.com	ena4pbsr.ar4tc.com pagead2.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com ena4pbsr.ar4tc.com googleads.g.doubleclick.net
6	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net ena4pbsr.ar4tc.com www.googletagservices.com
4	www.googleadservices.com	ena4pbsr.ar4tc.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	ena4pbsr.ar4tc.com ad.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	dc.arrivalist.com	3 redirects
3	ad.doubleclick.net	2 redirects www.googletagservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	adservice.google.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ena4pbsr.ar4tc.com
1	ena4pbsr.ar4tc.com
92	20

This site contains links to these domains. Also see Links.

Domain
edu1syr.ar4tc.com
t.me
drive.google.com
b1psr.ar4tc.com
m1psr.ar4tc.com
b2sdsr.ar4tc.com
b3sasr.ar4tc.com
b3sdsr.ar4tc.com
b9psr.ar4tc.com
b1sasr.ar4tc.com
b1sdsr.ar4tc.com
b2sasr.ar4tc.com
b5psr.ar4tc.com
b6psr.ar4tc.com
b7psr.ar4tc.com
b8psr.ar4tc.com
b2psr.ar4tc.com
b3psr.ar4tc.com
b4psr.ar4tc.com

Subject Issuer	Validity	Valid
ena4pbsr.ar4tc.com ZeroSSL RSA Domain Secure Site CA	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://ena4pbsr.ar4tc.com/
Frame ID: 0EEEEC914F954247A437CBE8645DF43B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B47E9EFA29C336855946BF0EE3D0E3C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&adk=1812271804&adf=3025194257&lmt=1703058522&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330338&bpp=3&bdt=284&idt=366&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7795499008518&frm=20&pv=2&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: 6BA68DC5585F5B2B03D11918FC1A1854
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=7800135797&adk=906005067&adf=4283947098&pi=t.ma~as.7800135797&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330341&bpp=2&bdt=286&idt=385&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=390
Frame ID: CB973A6CC8E16E4E23F9002F14D20DB8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=1639403195&adk=4248008953&adf=1839787983&pi=t.ma~as.1639403195&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330343&bpp=1&bdt=289&idt=390&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=393
Frame ID: DEF91F3CEF2D2AF67527EDED3E74121B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D9DAACA0B3718E710AFE055D80A047B1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 04618BBA61868E6549EAF169FED553F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEOr6-ZQDGPnIlf8BMAE&v=APEucNVvCJDHwdzB4FozpR54MpaZ1wH1R3fG4CY0o_HMkNyvq0Oer-6UeI8XdcMGzLJkKC67Tk8lx8qRkXhA6duiv5lZ2sSvEQ
Frame ID: D7E223B33B92939128D106E34DCCC9D6
Requests: 5 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 44E9199FFD964FE4A24716B7960491F9
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 845630FF170D0C9113DF42508D7D9A0D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F8736E8F5C6A127FCB1A5D2842C3362
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 994F54B554AACE6F73EB5FDFF653E0E1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1A5FDABD89A43F9B681DE20AE327DCC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 40032F020F087F012ED7D5FBD08AFD24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 10E193A17D9584D5F39C1A4F15D5AD44
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A8383AE320E37F039091154AF7A63C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61759C78DBB6D01C4C608F16AEB561D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كتاب اللغة الانكليزية الصف الرابع الاساسي كتاب الانشطة 2024 - 2025

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

92
Requests

92 %
HTTPS

63 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

1275 kB
Transfer

3397 kB
Size

15
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://edu1syr.ar4tc.com/
Title: كتاب اللغة الانكليزية

Search URL Search Domain Scan URL

URL: https://t.me/edu1syr
Title: قناة التليكرام

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1wHywn39743COYHe-EYAmhgTJZuONAbIN/view?usp=share_link
Title: تحميل الكتاب

Search URL Search Domain Scan URL

URL: https://b1psr.ar4tc.com/
Title: كتب الرابع اساسي

Search URL Search Domain Scan URL

URL: https://m1psr.ar4tc.com/
Title: دروس الرابع اساسي

Search URL Search Domain Scan URL

URL: https://b2sdsr.ar4tc.com/
Title: كتب الثاني ثانوي ادبي

Search URL Search Domain Scan URL

URL: https://b3sasr.ar4tc.com/
Title: كتب الثالث ثانوي علمي

Search URL Search Domain Scan URL

URL: https://b3sdsr.ar4tc.com/
Title: كتب الثالث ثانوي ادبي

Search URL Search Domain Scan URL

URL: https://b9psr.ar4tc.com/
Title: كتب التاسع اساسي

Search URL Search Domain Scan URL

URL: https://b1sasr.ar4tc.com/
Title: كتب الاول ثانوي علمي

Search URL Search Domain Scan URL

URL: https://b1sdsr.ar4tc.com/
Title: كتب الاول ثانوي ادبي

Search URL Search Domain Scan URL

URL: https://b2sasr.ar4tc.com/
Title: كتب الثاني ثانوي علمي

Search URL Search Domain Scan URL

URL: https://b5psr.ar4tc.com/
Title: كتب الخامس اساسي

Search URL Search Domain Scan URL

URL: https://b6psr.ar4tc.com/
Title: كتب السادس اساسي

Search URL Search Domain Scan URL

URL: https://b7psr.ar4tc.com/
Title: كتب السابع اساسي

Search URL Search Domain Scan URL

URL: https://b8psr.ar4tc.com/
Title: كتب الثامن اساسي

Search URL Search Domain Scan URL

URL: https://b2psr.ar4tc.com/
Title: كتب الثاني اساسي

Search URL Search Domain Scan URL

URL: https://b3psr.ar4tc.com/
Title: كتب الثالث اساسي

Search URL Search Domain Scan URL

URL: https://b4psr.ar4tc.com/
Title: كتب الرابع اساسي

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKecAT9iQeAP-NJmcZiR8gs&google_cver=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYLKewTCGD1VHVErqI6OiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF5vVO3rCr6YUfDe41iRcco&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEED3mCFY7GF9osbaUM71yPM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED3mCFY7GF9osbaUM71yPM%26google_cver%3D1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTcxMjY3MjUxMjA3NDUyOA%3D%3D

Request Chain 62

https://googleads.g.doubleclick.net/pagead/adview?ai=CY5IuesqCZeCiL8TTxtYP6fOg2Au7z7H1dPSDvJmiEYOLktbpHRABIMjh9osBYMmGgIDco8QQoAHJ65TQAsgBCagDAcgDywSqBNQBT9BnbW9024rX8tsp22vog_FDNt3-TNXQlLXvsGyPTlJaWMKNuwbdKaQruA96Zb9LSBkN2pNRrH4MZ4igMoshoBF6pEuvLLKhcrU-pLBDigimh8AdwJPM9FzzCpGFUVlgNRQd5j-eoxg3M2UjGC5PhE9tEh31XEDgCcAP7u04jeq2CZyBG6MN79va_vNm_O8pBy0QRebmbMYM2AYKTJMyBwCVWqSqrDrz43XzoPD2oGRnLRsd5E21rKgwYveYIcCl4XK7GHrbdqNO3wshY_SA7n4v1efABJSz9rfHBIgF-d-euEqSBQQIBBgBkgUECAUYBKAGLoAHn5TrrwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCVoQzSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNGR37DvnYMDmgnOAWh0dHBzOi8vc2VhcmNoLnlhaG9vLmNvbS95aHMvc2VhcmNoP2hzcGFydD15YWhvbyZoc2ltcD15aHMtbW4yMWEmcD1iZXN0K3dob2xlK2xpZmUraW5zdXJhbmNlK3NlbmlvcnMrMjAyMyZ0eXBlPUM0ODcyVFomcGFyYW0xPXtnY2xpZH0mcGFyYW0yPWJjZF8xOTk4MjE2ODA1N18xNTY2MTUxNTQwNjgmcGFyYW0zPWJjZF9LY0hjejRwa1ptMGNQQT09JmdfYXA9Z2d0gAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBAKChCAjdC6tbCurQkSAgEDuBPkA9gTDIgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTAxOTkwMDQ4NzMzNDA0GAA&sigh=Z-mo4zp6jbc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_zxKkxdQgruI4ydGPmsSIHdg3brl_EOrYFeEZtTImZB4BFiQfABySwCVyY1tPifRLorbD6wPucasav2Kx5u2QUne9ocSdZeYDbhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xeea8f7275cb1ab8b0000000000000000%22,%222%22:%220xe7b60f19eb6acc8d0000000000000000%22,%223%22:%220x9393e2eb22104a0e0000000000000000%22,%224%22:%220x800290ad1e1b69dd0000000000000000%22,%225%22:%220x74bee70b91cd2adc0000000000000000%22},%22debug_key%22:%2212102106567643325250%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22704984521%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216688591238551620257%22}&andc=true

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://googleads.g.doubleclick.net/pagead/adview?ai=CNDB-esqCZaLIL9OEvPIPwu-BiASxvr7pdJrf8Yu2ErKPjPHiQRABIMjh9osBYMmGgIDco8QQoAGTtdvqKcgBCagDAcgDywSqBOkBT9ATZQoE3K_3GbDoXhxN-Ezzel8A5Pm143wd9nt7djkk6ip-mC5Gsv1jGH4KRIBrkAw8BguhTaoTZdTJwhefdqH2Xlbkw1dLlS0gla058KLDkE5TEgoabGicQfanSfgsUKdqxfFqgjmi_1_KpBQu7I4tUENVrWv3pryXOvBUukMcT4JvnyqiOdnbiDQSA3A_nt9oKpswtY02nzqUBpKLeHucFFP4EsTjLH628GTBO8cKQYQcOfeO-xBi9BgHFCyneL7PLalMiZSvgm0Q48IuSN_GO--_ndR5Q7SDkPbWPtdGWynyqHf503TABNiy7vvHBIgFhKSQxE2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHk-2rygSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCEoWHSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMq637DvnYMDmglvaHR0cHM6Ly9mYXN0cHJpbnRhcHAuY29tL2xwMS8_Y2hhbm5lbD1odWQtZ2RuJnRyYWNraW5nX2lkPTE0MiZvaWQ9MTQyJmFmZmlkPTEwMjUmc291cmNlX2lkPWdvb2dsZSZzdWIxPTE0MmltYWxsgAoByAsBogwQKg4KDOS0sQLutbECtbixAtoMEAoKEMCskceB2Zz1NRICAQO4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTU1MDE5OTAwNDg3MzM0MDQYAA&sigh=up_kO_1dqBc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_nLoIU7qWWWkbPTewYwgNkZ4bCT7V0tuv6D4HSIdbPx5cNhP-HccAA65F-flBMDuiDwTR-t0mXCcTn4MhmIiETQAYqrb_ZJkpy_oYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa7be284d0b0b1b020000000000000000%22,%222%22:%220x874dbdfa5d73e1f70000000000000000%22,%223%22:%220xc5bf9d376acab1f60000000000000000%22,%224%22:%220xcbc384f37ab4792e0000000000000000%22,%225%22:%220x5d6124783431283f0000000000000000%22},%22debug_key%22:%222149068544234609370%22,%22debug_reporting%22:true,%22destination%22:%22https://fastprintapp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211229649555%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217924841696647817425%22}&andc=true

Request Chain 74

https://dc.arrivalist.com/px/?pixel_id=1414&a_source=Expedia&a_medium=Display&a_campaign=VFC-13891-AlwaysOn_SeaWorldOrlando&a_content=NA&a_type=Paid HTTP 302
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639 HTTP 302
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639 HTTP 302
https://dc.arrivalist.com/pj/proc.php?auid=8409712672512074528&rk=ckip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639 HTTP 302
https://ib.adnxs.com/seg?add=10485666&redir=https://ad.doubleclick.net/ddm/activity/src=8227914;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8227914;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ena4pbsr.ar4tc.com/ 11 KB
3 KB 1003ms
275ms Document
text/html 2a02:4780:11:1358:0:1607:6d7d:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:11:1358:0:1607:6d7d:2 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

359bc193db76ae74e68c82ba5479a73c132be273bdf318c3b2d0765cb8200b50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2244
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 20 Dec 2023 11:05:29 GMT
etag: "2a3e-65829c5a-2f738a74a13bcc44;br"
last-modified: Wed, 20 Dec 2023 07:48:42 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 185ms
78ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5501990048733404

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87f5b92e3781babc778e63540d51aa7a321311a676f5a30a0dd0c095151361bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Origin: https://ena4pbsr.ar4tc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51288
x-xss-protection: 0
server: cafe
etag: 10082221503179548394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 178ms
71ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q021TNSC8M

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

303e2fd434da0481dae2e6aa73176c0cb2f7ccfff2a7b92d808b522184466f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 11:05:30 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 233ms
129ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5501990048733404

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 5399571436788735572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B47E 9 KB
4 KB 161ms
53ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5501990048733404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 33093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 01:53:57 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 01:53:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 171ms
60ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q021TNSC8M&gtm=45je3bt0v9173393617&_p=1703070330072&gcd=11l1l1l1l1&dma=0&cid=330316227.1703070330&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703070330&sct=1&seg=0&dl=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&dt=%D9%83%D8%AA%D8%A7%D8%A8%20%D8%A7%D9%84%D9%84%D8%BA%D8%A9%20%D8%A7%D9%84%D8%A7%D9%86%D9%83%D9%84%D9%8A%D8%B2%D9%8A%D8%A9%20%D8%A7%D9%84%D8%B5%D9%81%20%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B9%20%D8%A7%D9%84%D8%A7%D8%B3%D8%A7%D8%B3%D9%8A%20%D9%83%D8%AA%D8%A7%D8%A8%20%D8%A7%D9%84%D8%A7%D9%86%D8%B4%D8%B7%D8%A9%202024%20-%202025&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1365
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q021TNSC8M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ena4pbsr.ar4tc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BA6 282 KB
73 KB 589ms
588ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&adk=1812271804&adf=3025194257&lmt=1703058522&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330338&bpp=3&bdt=284&idt=366&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7795499008518&frm=20&pv=2&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41769b0f30fff6ca611778ea9e7e601a5923c01f3376c24096143b9b539ea6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 74821
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:31 GMT
expires: Wed, 20 Dec 2023 11:05:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB97 120 KB
41 KB 640ms
639ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=7800135797&adk=906005067&adf=4283947098&pi=t.ma~as.7800135797&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330341&bpp=2&bdt=286&idt=385&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e5ad2bb44bcddaa230f5f856349ff47abb1de8bf846dd83f693dc03de0ad895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41705
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:31 GMT
expires: Wed, 20 Dec 2023 11:05:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEF9 115 KB
40 KB 514ms
513ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=1639403195&adk=4248008953&adf=1839787983&pi=t.ma~as.1639403195&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330343&bpp=1&bdt=289&idt=390&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240284a7b22e7d0a88e739761dbac7c65ae95d372322b05fdd1dbb5fb289229b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40735
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:31 GMT
expires: Wed, 20 Dec 2023 11:05:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DEF9 6 KB
1 KB 168ms
62ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=1639403195&adk=4248008953&adf=1839787983&pi=t.ma~as.1639403195&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330343&bpp=1&bdt=289&idt=390&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 10:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF9 2 KB
903 B 168ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 05:53:45 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/14262663911033315194/ Frame DEF9 9 KB
10 KB 168ms
62ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14262663911033315194/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ec127636bdaa5505237b9be2f52680f78ebfdf57e40dae91f89984e30bb852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 14:10:41 GMT
date: Tue, 19 Dec 2023 14:10:41 GMT
x-content-type-options: nosniff
age: 75290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9668
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:16:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DEF9 23 KB
9 KB 188ms
102ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:35:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF9 3 KB
1 KB 145ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 06:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF9 20 KB
9 KB 138ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:22:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEF9 203 KB
65 KB 299ms
54ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DEF9 37 KB
16 KB 299ms
53ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 04:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CB97 6 KB
779 B 65ms
65ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5501990048733404&output=html&h=280&slotname=7800135797&adk=906005067&adf=4283947098&pi=t.ma~as.7800135797&w=1200&fwrn=4&fwrnh=100&lmt=1703058522&rafmt=1&format=1200x280&url=https%3A%2F%2Fena4pbsr.ar4tc.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703070330341&bpp=2&bdt=286&idt=385&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7795499008518&frm=20&pv=1&ga_vid=330316227.1703070330&ga_sid=1703070331&ga_hid=963091375&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C31079980%2C31080104%2C44798934%2C95320884&oid=2&pvsid=1920329262083189&tmod=991409481&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 10:13:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 86ms
86ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5ec05a5d24a0b91e6f6e4bbae860fbc4aecbc4d404a791231d0872f23313b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56006
x-xss-protection: 0
server: cafe
etag: 5905412662586274794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB97 2 KB
856 B 101ms
101ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 05:53:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CB97 23 KB
9 KB 109ms
109ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:35:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB97 3 KB
1 KB 119ms
119ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 06:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB97 20 KB
8 KB 102ms
102ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:22:56 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CB97 202 KB
61 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:56:58 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame CB97 37 KB
15 KB 216ms
66ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 04:05:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6178672706574091772/ Frame CB97 34 KB
34 KB 121ms
121ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6178672706574091772/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

389dab54b2aa2666d0647920033e4712237599b64cbd44448a356c53f4a3a9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 13:36:11 GMT
date: Sat, 16 Dec 2023 13:36:11 GMT
x-content-type-options: nosniff
age: 336560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35053
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 15:40:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame DEF9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 908a60438f06277ddda458e7b5321b4206ccd75c4774145a5c7e927e0d51937c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame D9DA 9 KB
4 KB 57ms
55ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 36174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 01:02:37 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 01:02:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 0461 9 KB
4 KB 57ms
56ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 36174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 01:02:37 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 01:02:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB97 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5cfea6185546182a6b499de77a6af06d6177b5ed64bfc77c2acba89f1fad95

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB97 15 KB
16 KB 162ms
52ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:44:42 GMT
x-content-type-options: nosniff
age: 148849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:44:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB97 15 KB
15 KB 218ms
110ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:05:17 GMT
x-content-type-options: nosniff
age: 25214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 04:05:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB97 15 KB
15 KB 171ms
65ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 16:06:15 GMT
x-content-type-options: nosniff
age: 154756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 16:06:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D9DA 4 KB
744 B 63ms
62ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D9DA 205 B
295 B 56ms
54ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 06:39:31 GMT
x-content-type-options: nosniff
age: 15960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Dec 2024 06:39:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D9DA 604 B
919 B 55ms
54ms Image
image/png 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:39:26 GMT
x-content-type-options: nosniff
age: 48365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 21:39:26 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D9DA 16 KB
7 KB 56ms
56ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 04:27:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D9DA 22 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21478
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 05:07:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D7E2 624 B
246 B 73ms
72ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEOr6-ZQDGPnIlf8BMAE&v=APEucNVvCJDHwdzB4FozpR54MpaZ1wH1R3fG4CY0o_HMkNyvq0Oer-6UeI8XdcMGzLJkKC67Tk8lx8qRkXhA6duiv5lZ2sSvEQ

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:31 GMT
expires: Wed, 20 Dec 2023 11:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 44E9 18 KB
8 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 10:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 20 Dec 2023 11:11:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 44E9 23 KB
9 KB 52ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 03:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 03:40:57 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 44E9 7 KB
3 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 04:31:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44E9 0
0 188ms
76ms Fetch
image/gif 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-QIJKvJIDr7IBqmvu5HUpOgYp8b4mRZJ6gFr89kU2MlVH8VyTSor_5jXN-N7NbYkQAcOPoWXv21vou46LwAJrv6W8ZmOM3IkvF5U9heYRnD2T277ixhVbIlIUPJ4rLwlkdR3BTz88C5sZgk_ErulL9_76eHColKzEqjYL6cp9PBEUswHSBJHSbsOKsXG768mAfdoIxFdm2Manr166u0LjO1QmKYnVDnlujESW1nOT1EyK0qPKXTCPx8SqZE_rr2jYIGPuZME3uS49ekZsD76tLmUEv1w4tDhsK4MFgrrWeKYD1V2BmUDRfsRwSDj6fTTASXrKSXusPJLOLiWTt39ZpUIV8_bpJxdf1gfr0dLsrq2KIqdiJoh1N8JNyv8-LO6CsxEl6pv7m33oHpySfdH7xisQmtF6yt-KiSHNd-3yIvqgoZUzl-Pd99i6TyVkmERKBn9e_bQZlmhdUPKkiXV6pYFQLf-S1PgzkRlb7i47mOBd00G0LuqYbV3T4Hx9xLys5I1AGgxb_xcqXJnZDRgck1_ZK9mFht0yhhnKDcX6i4qHVCmIxh_yMhpVCSU_mSKmt5E0A98V3wqh0W6AbKcU2ZpZAymkqfz-u4dkL7Icna3ySZkVubbQE7GkGvRV6DChyzM-eQzTaw_Tt6XzrW3-MLWyqjNfyVqKBPX9wEmPrRtuzluFRbayC3IrCkoBt3ybEa-p2T-7GNLL0fSUVdJV9O3FrNJZEaFhd1LYTfy1dFdLHXyWfsU52pOvq-Mdf1DonSkhzjxBsb4egICDliUFvWYqLqZruuD8lIOkTmF2UEnTjmBTlAi_4rraus0jQyitBKSK35X6X2GTMvUywsaDuvUm4Pn3bpPYYFhSHHgsD_YnAIXECJsk4lfQR0O7Wh4LEd6hs9GfYDaQlfh4eSrRLwD3ZY42cmxYhYf5JJ3lXxCiS838UWpJiCSq6kIyWa6xiapVF-HdomxArF0F28Cbfj3JquGz2linO8SKPHYKBE1z4z2AF39drZetJW7cI0wMsVszfGB6qUMKzmoaxcKpQNGouP_ZwwcVUpCozsUSzjSisfvOCEcPuZxE7iIKH5hVFYL1XOybWqRd-ymWu0_Z9OltJ6DQxyGQVvbZ8foEuQJeLpL1wgkCTfBlH4hDSKu0sHHCjqMnxXyy0rzsRkUqa67nlgme9Yr8PcMGj5Fx7lvJ8m3UB4cYGsOH4kUTQC-1-aklrUNdkn3MFXTRm5jU0uvdTrkYmzhPZoTe-8DsE3ImUTNpEv5BK4Xa2UrftXokdBR3Y4CzsX0zDBF1fvHYYclud5mZR5ah&sai=AMfl-YSnN2IA1eJHPSAQu3t86OjGyLNCRYKK_xGypFlppCQ2NHXdk8GsmEU-j1-dWtXqkOnEy6a5ua6706qVqTMSsf4tzWtqiyqiO6VxJzj_FAAAsXfcvKdEDhk2AHZJzrmYZRGVanfLYgAJx7ssGTJ9Equ2QYJwP7B58jAtkf0j5mGqskD_QO1NDg93X6N3QANgapgP4Tx6VdoeIT934IO2JswvuFLncZ0Op0HP4OM-p-1eZZoKqP8DWdzTJKURXz_n-7HhLsCYJVoQVVWgudo31FLxErO_tQROvFv0LN2fdWS4yRVVVMEiOWJlSmpkj3TgT4Rq8MlwEHkgUDcoh66-2HXaOTFmE17QWgK_i5VlWApyXoufIzfixsA8fNJZMep9aAoBnpt2sDIiIBd2fCc6_hLrMo-aN3Qw00Ls49_VHeJjAA1Uo4-pSdd-ww_ORpBkyY0AkqD2OWPV9n2aozstj7zGB8MqXo1kt9MnymjAgLA88oZ7x1_j60_zjFYpvQ&sig=Cg0ArKJSzE4FMNrfGMg4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231207.52555&arae=0&ftch=1&adurl=

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:05:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 44E9 3 KB
1 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 06:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 44E9 20 KB
8 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:22:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44E9 203 KB
64 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44E9 42 B
63 B 67ms
67ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChDpeCn8_fEslWXp5ZDgw-BbfwsX1u73cPmv1zep-N2yq7BXSWlkPYNC7qzDHY8FjZwJR6y-NNTDHnK5eObtu--wNRSC28_F4f7K8OpDqaBz-oa48

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8456 14 KB
1 KB 63ms
63ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:50:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8456 2 KB
856 B 52ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 05:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 05:53:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8456 23 KB
9 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:35:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F87 143 B
166 B 56ms
53ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:00:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8456 3 KB
1 KB 58ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 06:42:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8456 20 KB
8 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:22:56 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8456 203 KB
64 KB 56ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 11:05:31 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8456 37 KB
15 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 04:05:18 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKecAT9iQeAP-NJmcZiR8gs&google_cver=1

43 B
773 B

66ms
66ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKecAT9iQeAP-NJmcZiR8gs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEOr6-ZQDGPnIlf8BMAE&v=APEucNVvCJDHwdzB4FozpR54MpaZ1wH1R3fG4CY0o_HMkNyvq0Oer-6UeI8XdcMGzLJkKC67Tk8lx8qRkXhA6duiv5lZ2sSvEQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Auq%2BM4i44rPYAkjo6nlYzEAaQgqGOhHjpcQt1Uob%2F4H%2F1wNEIhKlKpUaUXoACiT9%2BnBmJqSOLUC083SVfr%2F9SDq0h35od0RgK6D%2FbITPwYfLGXkYTbKbBcmng%2BKFtfneC37sumItwmdcjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83876926cdec257d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKecAT9iQeAP-NJmcZiR8gs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7E2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYLKewTCGD1VHVErqI6OiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF5vVO3rCr6YUfDe41iRcco&google_cver=1

43 B
734 B

64ms
64ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF5vVO3rCr6YUfDe41iRcco&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEOr6-ZQDGPnIlf8BMAE&v=APEucNVvCJDHwdzB4FozpR54MpaZ1wH1R3fG4CY0o_HMkNyvq0Oer-6UeI8XdcMGzLJkKC67Tk8lx8qRkXhA6duiv5lZ2sSvEQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF55dwMT5sW%2F66nztN1pKr89ph4WE2EMWSoWP0W7MH%2B8SlQVZ%2F04SQcGXDpIfVQCIPUkj4AOysDN9C7254hn9p4uQOqoVdbV%2FSts66TCparWkZ7asdT14qX7T2oy6oj3%2FPRosJcGP3cpSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838769278e98257d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF5vVO3rCr6YUfDe41iRcco&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D7E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEED3mCFY7GF9osbaUM71yPM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED3mCFY7GF9osbaUM71yPM%26google_cver%3D1

43 B
892 B

95ms
94ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED3mCFY7GF9osbaUM71yPM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPLwi80CEOr6-ZQDGPnIlf8BMAE&v=APEucNVvCJDHwdzB4FozpR54MpaZ1wH1R3fG4CY0o_HMkNyvq0Oer-6UeI8XdcMGzLJkKC67Tk8lx8qRkXhA6duiv5lZ2sSvEQ

Protocol

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
an-x-request-uuid: 96efd341-874b-4d52-838c-e4fa12606296
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.72; 38.132.118.72; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
an-x-request-uuid: 74127e0f-49fa-4efc-9f5d-569e06993576
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEED3mCFY7GF9osbaUM71yPM%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7E2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTcxMjY3MjUxMjA3NDUyOA%3D%3D

170 B
188 B

60ms
60ms

Image
image/png

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTcxMjY3MjUxMjA3NDUyOA%3D%3D

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
an-x-request-uuid: be3d2e2a-13a2-41a8-83d4-bc7708df0e54
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQwOTcxMjY3MjUxMjA3NDUyOA%3D%3D
x-proxy-origin: 38.132.118.72; 38.132.118.72; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 44E9 59 KB
23 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 270002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 08:05:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DEF9 15 KB
16 KB 53ms
52ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:44:42 GMT
x-content-type-options: nosniff
age: 148849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:44:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DEF9 15 KB
15 KB 63ms
63ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:05:17 GMT
x-content-type-options: nosniff
age: 25214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 04:05:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DEF9 15 KB
15 KB 75ms
74ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 16:06:15 GMT
x-content-type-options: nosniff
age: 154756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 16:06:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CB97
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CY5IuesqCZeCiL8TTxtYP6fOg2Au7z7H1dPSDvJmiEYOLktbpHRABIMjh9osBYMmGgIDco8QQoAHJ65TQAsgBCagDAcgDywSqBNQBT9BnbW9024rX8tsp22vog_FDNt3-TNXQlLXvsGyPTlJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xeea8f7275cb1ab8b0000000000000000%22,%222%22:%220xe7b60f19eb6acc8d0000000000000000%22,%223%22:%220x9393e2...

0
0

189ms
66ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xeea8f7275cb1ab8b0000000000000000%22,%222%22:%220xe7b60f19eb6acc8d0000000000000000%22,%223%22:%220x9393e2eb22104a0e0000000000000000%22,%224%22:%220x800290ad1e1b69dd0000000000000000%22,%225%22:%220x74bee70b91cd2adc0000000000000000%22},%22debug_key%22:%2212102106567643325250%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22704984521%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216688591238551620257%22}&andc=true

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xeea8f7275cb1ab8b0000000000000000","2":"0xe7b60f19eb6acc8d0000000000000000","3":"0x9393e2eb22104a0e0000000000000000","4":"0x800290ad1e1b69dd0000000000000000","5":"0x74bee70b91cd2adc0000000000000000"},"debug_key":"12102106567643325250","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["704984521"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"16688591238551620257"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:05:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xeea8f7275cb1ab8b0000000000000000","2":"0xe7b60f19eb6acc8d0000000000000000","3":"0x9393e2eb22104a0e0000000000000000","4":"0x800290ad1e1b69dd0000000000000000","5":"0x74bee70b91cd2adc0000000000000000"},"debug_key":"12102106567643325250","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["704984521"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"16688591238551620257"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 994F 50 KB
19 KB 52ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 547209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 03:05:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F87
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
60ms

Document
text/html

2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:32 GMT
expires: Wed, 20 Dec 2023 11:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B30967193.380866745;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=3276148316;ord=0xaq4p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstkFQbBnkT_XoAJfhYKeYGOksezM6oXksWizvcyN42Cz... Show response
ad.doubleclick.net/ddm/adj/N1143242.218EXPEDIA/ Frame 44E9 73 KB
33 KB 198ms
94ms Script
text/javascript 172.253.62.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1143242.218EXPEDIA/B30967193.380866745;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=3276148316;ord=0xaq4p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstkFQbBnkT_XoAJfhYKeYGOksezM6oXksWizvcyN42CzC6zJy12pk4zZIv-cqk1K1bpZoj-0EeRArNHM_LZPXzjvYdEWcbD50ep0fViBwHgszwOKZd_X9GcVgp57OwtST0AqTHhtP9ELPKlE5kvn4v2rcYddRuUPT9L59kxeL9ok4elbktXbLHPHKJq8YKxpT2O47ZzMdWMh6AD4ZyJ_8tIE2vF8KJtoUwrnd6H7mbaa6K0BfQsb1RrtVhsA5GnV7dkvN7LkioCi9qBkwmq81zsdi4RhV7Y0YYsSX8Cu3mqUsgIC2I22a7qAOhL5NjyZZDgrOmMIlT6Iu01lBeF1jkNwGwgP9S6d2RNDnuAYGYSBNCCsve5WhTmAG6L6juYmGfdrrtZxuzjsVbVLxZ2TVktqiMY3QDoD3wZXsvJexGDJto3rNeuhldlrGPYrzSzhNjCCr22OGYuLDMgmA6sUxVEqfkc33nZxBS3RlcN_N9Xsf29H0-Dfuay9qdlag7kaO8G8Jyd055aWtBmJTPP0rMOBJlN3oL6swajTskPhEB_rXI2Dmn8JgL5diC76GblhAtMTGT1TmJfmaHig2fbb3fNjHMnpTX-okemo7voZCMktbNGvnuYZkUkhFg9jSa8YgRDhGx_d6-dofTtuDBxsV1RzN9ur1pTNDcpjJv1jZEQB6riFb26FSgsM_8X-9T_FDwkJyo6oaYtrnq6xaUGQbI7bCwsf2CRbxr59tIOPqyFTZyJBdjWEyrEa0XC5pwafcG96UhaMxb8XlvrbSZjx6EGooAwT9b9VZJe-yehgBTy6VKzdUmb8rHggy62crYDq23jfVUFskEb4iKcCxj-VYN7YGnfxy3S_2HXCsubCIvbe1bqzvjOJAOy2nErJZ7CCZGyL6tgya65xbOZ1yTP7pJQRqjTv_BAKm7lHNAfBzKLXchEa4Cj04MC_maKxCAglKyK0bfpnQAWVVHUSK0Fx20SnQnzFp6q8Xi-KFkpwqfovbzuXWkCZun2IeiivcoXLXmjYC8v4e4DULilWmIo8UV1xOhKGdwUfKYMvr6eHSEgfgLNaGESVWytIu7har6aleWLFfknJZ26R5wzw5QCz9FPcb59LlFGyL5p-1wZGlkeZT8krVFO0l7gvNpafluIn65UAR-o4Bb6jxhcSMYtDlZpSGs_nes9iLVLwvbCpbQJbd1ftL3Jb3gZ5jQtDPNKM90FXYV-Z4L-m1mff2yh7A%26sai%3DAMfl-YQzmQlkfPTMfHVtB3svZjqO9KoQN0caONTziwjJaZLWQtn8vU9Plk7QDPTt1JCQY0JseW_Qi680GYMx9EU26fNNuZCjDuAKFL6_lRndMrIYcgsG5UR35_EOPl8FIiE57GafoZt90GfhKZ2MZSy0YOy1xUczFEzaO8P9azk2TgFXp6oge828j5UYHWhpKfBOU6J9Q7BQGWIWsu0FV-XQD97W2PA-lSQAIddwzXeKI5l-Tgo2uxyAQz4N5duKb4b3kf1F7HtxHOEFW7ILx3GgvhK1q8FSpeWI1N12qa7_pHKZsR6AqAhEXkNlPOfXF5OF_x7fD4z5cLoSeA%26sig%3DCg0ArKJSzO4lDDbuHHpAEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fena4pbsr.ar4tc.com%2F$0;xdt=1;crlt=LFy94(Lqu9;stc=1;chaa=1;sttr=94;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f149.1e100.net

Software

cafe /

Resource Hash

bd9c807459ea7bff92fd29406143635e5b66809cd86ac8cda999e7c46c649a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DEF9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNDB-esqCZaLIL9OEvPIPwu-BiASxvr7pdJrf8Yu2ErKPjPHiQRABIMjh9osBYMmGgIDco8QQoAGTtdvqKcgBCagDAcgDywSqBOkBT9ATZQoE3K_3GbDoXhxN-Ezzel8A5Pm143wd9nt7djk...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa7be284d0b0b1b020000000000000000%22,%222%22:%220x874dbdfa5d73e1f70000000000000000%22,%223%22:%220xc5bf9d...

0
0

187ms
65ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa7be284d0b0b1b020000000000000000%22,%222%22:%220x874dbdfa5d73e1f70000000000000000%22,%223%22:%220xc5bf9d376acab1f60000000000000000%22,%224%22:%220xcbc384f37ab4792e0000000000000000%22,%225%22:%220x5d6124783431283f0000000000000000%22},%22debug_key%22:%222149068544234609370%22,%22debug_reporting%22:true,%22destination%22:%22https://fastprintapp.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211229649555%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217924841696647817425%22}&andc=true

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa7be284d0b0b1b020000000000000000","2":"0x874dbdfa5d73e1f70000000000000000","3":"0xc5bf9d376acab1f60000000000000000","4":"0xcbc384f37ab4792e0000000000000000","5":"0x5d6124783431283f0000000000000000"},"debug_key":"2149068544234609370","debug_reporting":true,"destination":"https://fastprintapp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11229649555"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"17924841696647817425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 11:05:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 11:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa7be284d0b0b1b020000000000000000","2":"0x874dbdfa5d73e1f70000000000000000","3":"0xc5bf9d376acab1f60000000000000000","4":"0xcbc384f37ab4792e0000000000000000","5":"0x5d6124783431283f0000000000000000"},"debug_key":"2149068544234609370","debug_reporting":true,"destination":"https://fastprintapp.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11229649555"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"17924841696647817425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A5F 50 KB
19 KB 52ms
51ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 547209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 03:05:22 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 169ms
65ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 66ms
65ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 11:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 44E9 11 KB
4 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1143242.218EXPEDIA/B30967193.380866745;dc_ver=99.292;sz=728x90;u_sd=1;dc_adk=3276148316;ord=0xaq4p;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstkFQbBnkT_XoAJfhYKeYGOksezM6oXksWizvcyN42CzC6zJy12pk4zZIv-cqk1K1bpZoj-0EeRArNHM_LZPXzjvYdEWcbD50ep0fViBwHgszwOKZd_X9GcVgp57OwtST0AqTHhtP9ELPKlE5kvn4v2rcYddRuUPT9L59kxeL9ok4elbktXbLHPHKJq8YKxpT2O47ZzMdWMh6AD4ZyJ_8tIE2vF8KJtoUwrnd6H7mbaa6K0BfQsb1RrtVhsA5GnV7dkvN7LkioCi9qBkwmq81zsdi4RhV7Y0YYsSX8Cu3mqUsgIC2I22a7qAOhL5NjyZZDgrOmMIlT6Iu01lBeF1jkNwGwgP9S6d2RNDnuAYGYSBNCCsve5WhTmAG6L6juYmGfdrrtZxuzjsVbVLxZ2TVktqiMY3QDoD3wZXsvJexGDJto3rNeuhldlrGPYrzSzhNjCCr22OGYuLDMgmA6sUxVEqfkc33nZxBS3RlcN_N9Xsf29H0-Dfuay9qdlag7kaO8G8Jyd055aWtBmJTPP0rMOBJlN3oL6swajTskPhEB_rXI2Dmn8JgL5diC76GblhAtMTGT1TmJfmaHig2fbb3fNjHMnpTX-okemo7voZCMktbNGvnuYZkUkhFg9jSa8YgRDhGx_d6-dofTtuDBxsV1RzN9ur1pTNDcpjJv1jZEQB6riFb26FSgsM_8X-9T_FDwkJyo6oaYtrnq6xaUGQbI7bCwsf2CRbxr59tIOPqyFTZyJBdjWEyrEa0XC5pwafcG96UhaMxb8XlvrbSZjx6EGooAwT9b9VZJe-yehgBTy6VKzdUmb8rHggy62crYDq23jfVUFskEb4iKcCxj-VYN7YGnfxy3S_2HXCsubCIvbe1bqzvjOJAOy2nErJZ7CCZGyL6tgya65xbOZ1yTP7pJQRqjTv_BAKm7lHNAfBzKLXchEa4Cj04MC_maKxCAglKyK0bfpnQAWVVHUSK0Fx20SnQnzFp6q8Xi-KFkpwqfovbzuXWkCZun2IeiivcoXLXmjYC8v4e4DULilWmIo8UV1xOhKGdwUfKYMvr6eHSEgfgLNaGESVWytIu7har6aleWLFfknJZ26R5wzw5QCz9FPcb59LlFGyL5p-1wZGlkeZT8krVFO0l7gvNpafluIn65UAR-o4Bb6jxhcSMYtDlZpSGs_nes9iLVLwvbCpbQJbd1ftL3Jb3gZ5jQtDPNKM90FXYV-Z4L-m1mff2yh7A%26sai%3DAMfl-YQzmQlkfPTMfHVtB3svZjqO9KoQN0caONTziwjJaZLWQtn8vU9Plk7QDPTt1JCQY0JseW_Qi680GYMx9EU26fNNuZCjDuAKFL6_lRndMrIYcgsG5UR35_EOPl8FIiE57GafoZt90GfhKZ2MZSy0YOy1xUczFEzaO8P9azk2TgFXp6oge828j5UYHWhpKfBOU6J9Q7BQGWIWsu0FV-XQD97W2PA-lSQAIddwzXeKI5l-Tgo2uxyAQz4N5duKb4b3kf1F7HtxHOEFW7ILx3GgvhK1q8FSpeWI1N12qa7_pHKZsR6AqAhEXkNlPOfXF5OF_x7fD4z5cLoSeA%26sig%3DCg0ArKJSzO4lDDbuHHpAEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fena4pbsr.ar4tc.com%2F$0;xdt=1;crlt=LFy94(Lqu9;stc=1;chaa=1;sttr=94;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 07:22:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44E9 0
0 67ms
66ms Fetch
image/gif 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssziSlBlrx4oZMtXSyJJYLc7_bk1tPNqsExz3g4ZOy5gjFMdWV8db39vbGpo_XicipHSR63jDxcH8yccK4AACMvuxcSxGiDs1L9s_NaYa0YmPyItJhaM4AK7_2OEcrGkU-KbWlFHsuxUQhJTBVTt7-DHwNZuMimW9x_eCj5-Ei9zTPm&sai=AMfl-YRnutEjWuKYYiUwkWRpo_tc1k695jmFmiVLMoG-aSexoB7JVTjecshwBqE8H2eTifVlN-rD81FZJbjPeleSngYPNXJT_qs61Zx1Jg&sig=Cg0ArKJSzMD_fLeC5WYKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.73092&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 44E9 41 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 22:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 216820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2024 22:51:52 GMT

GET
H2 200 11813996284217615237
s0.2mdn.net/simgad/ Frame 44E9 24 KB
25 KB 161ms
53ms Image
image/jpeg 2607:f8b0:4004:c19::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11813996284217615237

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::95 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e724a5cae327feeceec12e5bcdb2a683d7f9e6fc7a9bf1b1848927b7d0e98bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 04:31:52 GMT
date: Sun, 17 Dec 2023 04:31:52 GMT
x-content-type-options: nosniff
age: 282820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24856
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 18:31:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame 44E9
Redirect Chain

https://dc.arrivalist.com/px/?pixel_id=1414&a_source=Expedia&a_medium=Display&a_campaign=VFC-13891-AlwaysOn_SeaWorldOrlando&a_content=NA&a_type=Paid
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639
https://dc.arrivalist.com/pj/proc.php?auid=8409712672512074528&rk=ckip-10-0-1-1626582ca7c4cb978.315577546582ca7c4cefc6.41566639
https://ib.adnxs.com/seg?add=10485666&redir=https://ad.doubleclick.net/ddm/activity/src=8227914;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8227914;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
401 B

187ms
79ms

Image
image/gif

2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8227914;dc_pre=CNPZ1bHvnYMDFT6-0QQdCwcM7Q;type=invmedia;cat=hqnmbr3k;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 44E9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1cac42c73919dccf9e2edd4b6a500b57b887176f6dcbee5226214779c0f36d1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4003 50 KB
19 KB 52ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 547210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 03:05:22 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 10E1 38 KB
13 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 21019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 05:15:13 GMT
expires: Thu, 19 Dec 2024 05:15:13 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44E9 0
0 67ms
67ms Fetch
image/gif 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssziSlBlrx4oZMtXSyJJYLc7_bk1tPNqsExz3g4ZOy5gjFMdWV8db39vbGpo_XicipHSR63jDxcH8yccK4AACMvuxcSxGiDs1L9s_NaYa0YmPyItJhaM4AK7_2OEcrGkU-KbWlFHsuxUQhJTBVTt7-DHwNZuMimW9x_eCj5-Ei9zTPm&sai=AMfl-YRnutEjWuKYYiUwkWRpo_tc1k695jmFmiVLMoG-aSexoB7JVTjecshwBqE8H2eTifVlN-rD81FZJbjPeleSngYPNXJT_qs61Zx1Jg&sig=Cg0ArKJSzMD_fLeC5WYKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=215&vt=11&dtpt=214&dett=2&cstd=0&cisv=r20231207.73092&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 10E1 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 08:57:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10E1 0
20 B 68ms
68ms Image
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bv2-gfMqCZdfvA6y4oPMPxsSYgAEAAAAAOAHgBAI&bg=!jo2ljcLNAAY3kmNgF5I7ADQBe5WfOOzjj88N2E8HijG-3Vkog_O4YYd9iQ91L_T-QSvX7Wly3I08AkMyfl2QMTvQPXj9AgAAAEZSAAAAAmgBBwoAUBCbdu83f5LxLK6VTXCrj6QOlVQUwgPef4MLzrVgrES21zBdgpZiKSruGoVWA875b6m-5XmwRFbC2sTRQdHoQLM0Vvc9-UAi2GMUSfblZuwZmQM-04Wj28zhNKX37E2WNhyckfh5pVEzhyoVUamKWtgytoSuknReIyfxQPrLFSKtEM_47NvPwOE1ctVLw1VtXFXTIez5LzedbYW__0477PaZsXNp92mQA98hiD0e_G-bzmBnZhlpH8ZVOETXcGfr9NuD3fZD5yFqpT__QPhxS4TvM5SZrH3lQiaj4_3ePQGe3yx-ukNgOaJ5OsMZAxOYemr05arCq_MGpTJ2qblztY61VjQcihfUJQKLr4XncJVfz2wTH9LEevlrlC-ay7V8t5fBUnkQ8zhYW263AMbQFK0rSCK4WYHNPU_XoNHzLjCEtEbUV2Kj53l7K0dWOU83tQ_IDcRTixA9H-urRp3W4zzQY1PKNtxZJii8cwOFFNsX0QafNPuj8Ox8ddbekn3Tb6NpDkoE314qvm2P1P51fX0b8AQNnSdpjg1iXSBi8EP0IvAfo7PLC8lJGGp6bilw9aVBBS6he47JJdIhxKf5xlGdMfkhvSrbfdB0J4ozS-LKlBJtjqVEP1OfajENPTu855VRq4O2mJB9-i-EMacESJhoxFQ6RGatKCCM8k9l_pY3NViqo4TFcp2lxVxpNsIYykKY1GFUGKxb1AzLISfl9O4w2lcOBcyPHe5-NVn6r2QhhAyRS1SA2R-wtowORNBkYOSbhq021cFcIdK-JzPBRaBZ8hFaixBZIWtJvbaa8R4UMn0JrfDJOg5zrQyIEsgdjGASewESrbZfECgvW20RxpZJUR5VnJBRRbKjBFCvPSei9OpthFHpvig-9x5qHE2kRsxvjTcVhRR2NmqfgpU-nVl9pfczYzAK8RxIO7IGxwAUoqVR_qsG7NgDwZxRVyvPc4E05ON3ZUQbUjC1TmLDJ4XXaD1oAhcb6F86Hx6rTnuC7YQ_xmMTEbXhzWi4GylLyh_ByBVe7awjLWo-1Hu2O0sSO8PQ1EibE8B4aa48yZMuP190Mm-syLBt-NO6ZlTVL_40D7VGFzhiLzViwNT-BF5wpxfN8b9DyhFcoEsxwMlz6MSyxXFZVhKEAk36WRkTK-1Y52szUnyFXPigFJhkvwBMgbxZo1PbHsycKxLpn7y6kCty2Qw_qlEcaMfdWRoLRV8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB97 42 B
174 B 70ms
69ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQMt_bB8hDl7A8ENaQvig9Jh1yhiPYpFm2ZeR3uhQhD3rr4UW4tTRpjb85e0jSl0o3saloA91uk85Eciu-8BlZfuw4hcIfo5zCw4TLZyurF7ZoNWNnZLnzk8VkD9q71pAkh8nbbdlX28pP0eqIJJ8rzFB3&sai=AMfl-YQzdTVEvU_dZbVg25QAK0K-X-_MUvob4uZhLe3YWmSFgRB63FGsatXxO6x91w24Z9FvqNyMn3HMJwPsWkGuPm7fZDqGFxBb-Jit4pGn6drgAbEhFCLjYSHik18o-lKZ17PYVElASWSOydzSygxQ&sig=Cg0ArKJSzJDvPhigN-auEAE&cid=CAQSTgAvHhf_zxKkxdQgruI4ydGPmsSIHdg3brl_EOrYFeEZtTImZB4BFiQfABySwCVyY1tPifRLorbD6wPucasav2Kx5u2QUne9ocSdZeYDbhgB&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=906005067&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703070330732&rpt=1129&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEF9 42 B
108 B 70ms
70ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuVOF4jEj5s8xpyhoy4nKBeL0djwRShP1FRXWz7dTI7VS7in03u2eN4nho6DBtGrTRYi2FiTLO4g2hQxokheh1C8ydvOn7IbVRJwR_oE2vC7H5pAj17PKk7jXQn4-4VQmcPc0c7YJgSc6nUE0sIHP8MZl9&sai=AMfl-YSexCQ0fTXAAV0bonQSvhfquTvcTidre9sO-W4s213xpgMZT2vz2rQntFt1u6lrPE9I-hR9eXrBQ2F5CGRsmsMJqYoCbFZdmldM3u60H-INmcfo6uBLamwtERueDK4Q5GaxojbmpRnv6iEnKaaDLQ&sig=Cg0ArKJSzLI2A0Bl9w_IEAE&cid=CAQSTwAvHhf_nLoIU7qWWWkbPTewYwgNkZ4bCT7V0tuv6D4HSIdbPx5cNhP-HccAA65F-flBMDuiDwTR-t0mXCcTn4MhmIiETQAYqrb_ZJkpy_oYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4248008953&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703070330737&rpt=1206&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 44E9 0
0 67ms
67ms Fetch
image/gif 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-QIJKvJIDr7IBqmvu5HUpOgYp8b4mRZJ6gFr89kU2MlVH8VyTSor_5jXN-N7NbYkQAcOPoWXv21vou46LwAJrv6W8ZmOM3IkvF5U9heYRnD2T277ixhVbIlIUPJ4rLwlkdR3BTz88C5sZgk_ErulL9_76eHColKzEqjYL6cp9PBEUswHSBJHSbsOKsXG768mAfdoIxFdm2Manr166u0LjO1QmKYnVDnlujESW1nOT1EyK0qPKXTCPx8SqZE_rr2jYIGPuZME3uS49ekZsD76tLmUEv1w4tDhsK4MFgrrWeKYD1V2BmUDRfsRwSDj6fTTASXrKSXusPJLOLiWTt39ZpUIV8_bpJxdf1gfr0dLsrq2KIqdiJoh1N8JNyv8-LO6CsxEl6pv7m33oHpySfdH7xisQmtF6yt-KiSHNd-3yIvqgoZUzl-Pd99i6TyVkmERKBn9e_bQZlmhdUPKkiXV6pYFQLf-S1PgzkRlb7i47mOBd00G0LuqYbV3T4Hx9xLys5I1AGgxb_xcqXJnZDRgck1_ZK9mFht0yhhnKDcX6i4qHVCmIxh_yMhpVCSU_mSKmt5E0A98V3wqh0W6AbKcU2ZpZAymkqfz-u4dkL7Icna3ySZkVubbQE7GkGvRV6DChyzM-eQzTaw_Tt6XzrW3-MLWyqjNfyVqKBPX9wEmPrRtuzluFRbayC3IrCkoBt3ybEa-p2T-7GNLL0fSUVdJV9O3FrNJZEaFhd1LYTfy1dFdLHXyWfsU52pOvq-Mdf1DonSkhzjxBsb4egICDliUFvWYqLqZruuD8lIOkTmF2UEnTjmBTlAi_4rraus0jQyitBKSK35X6X2GTMvUywsaDuvUm4Pn3bpPYYFhSHHgsD_YnAIXECJsk4lfQR0O7Wh4LEd6hs9GfYDaQlfh4eSrRLwD3ZY42cmxYhYf5JJ3lXxCiS838UWpJiCSq6kIyWa6xiapVF-HdomxArF0F28Cbfj3JquGz2linO8SKPHYKBE1z4z2AF39drZetJW7cI0wMsVszfGB6qUMKzmoaxcKpQNGouP_ZwwcVUpCozsUSzjSisfvOCEcPuZxE7iIKH5hVFYL1XOybWqRd-ymWu0_Z9OltJ6DQxyGQVvbZ8foEuQJeLpL1wgkCTfBlH4hDSKu0sHHCjqMnxXyy0rzsRkUqa67nlgme9Yr8PcMGj5Fx7lvJ8m3UB4cYGsOH4kUTQC-1-aklrUNdkn3MFXTRm5jU0uvdTrkYmzhPZoTe-8DsE3ImUTNpEv5BK4Xa2UrftXokdBR3Y4CzsX0zDBF1fvHYYclud5mZR5ah&sai=AMfl-YSnN2IA1eJHPSAQu3t86OjGyLNCRYKK_xGypFlppCQ2NHXdk8GsmEU-j1-dWtXqkOnEy6a5ua6706qVqTMSsf4tzWtqiyqiO6VxJzj_FAAAsXfcvKdEDhk2AHZJzrmYZRGVanfLYgAJx7ssGTJ9Equ2QYJwP7B58jAtkf0j5mGqskD_QO1NDg93X6N3QANgapgP4Tx6VdoeIT934IO2JswvuFLncZ0Op0HP4OM-p-1eZZoKqP8DWdzTJKURXz_n-7HhLsCYJVoQVVWgudo31FLxErO_tQROvFv0LN2fdWS4yRVVVMEiOWJlSmpkj3TgT4Rq8MlwEHkgUDcoh66-2HXaOTFmE17QWgK_i5VlWApyXoufIzfixsA8fNJZMep9aAoBnpt2sDIiIBd2fCc6_hLrMo-aN3Qw00Ls49_VHeJjAA1Uo4-pSdd-ww_ORpBkyY0AkqD2OWPV9n2aozstj7zGB8MqXo1kt9MnymjAgLA88oZ7x1_j60_zjFYpvQ&sig=Cg0ArKJSzE4FMNrfGMg4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1429&vt=11&dtpt=1427&dett=4&cstd=0&cisv=r20231207.52555&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ena4pbsr.ar4tc.com
URL: https://ena4pbsr.ar4tc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db77eef99fdedb3ede6d537a9e42c15c6f0b7eb372337e5407a1dfaa37400fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12201
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 11:05:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A83 13 KB
5 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:30:43 GMT
expires: Thu, 19 Dec 2024 09:30:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6175 829 B
992 B 67ms
66ms Document
text/html 2607:f8b0:4004:c09::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::69 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f535008c7400af7d33c203cebcb18961c3184ea49ec70db9d454d5ef6acfec0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fatr2yVd6iE3ysk3Lna7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ena4pbsr.ar4tc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Fatr2yVd6iE3ysk3Lna7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 11:05:33 GMT
expires: Wed, 20 Dec 2023 11:05:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A83 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 08:57:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6175 0
0 67ms
67ms Image
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1920329262083189&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44E9 42 B
64 B 71ms
70ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9wtLuki4gfQidJ1qJRfq4NMgFVA5ZKri8EipJUcEdp0GWB12jCokN6uvF9viK_MpFC4USNp8wbj1vHXCdWwc_RAtv-a0I9KZdkJZ6dLBBvDuB4S4Sqk-trPBbNDilVD07f5M84MtvdOk&sai=AMfl-YQfUxKHWI8ansl-g1Jc6YzAouGSDkAeeD1TpuM50bNjcPmKqlXFsvLnafTUxC9VaswZoOvBHp2WtMzSmcqfaGJsY1SwIVeQ6bQXXp7avOH3ovCsjl7vgu5mJDGgCg28-rrT3Frj57aaWfsvAoCcfg&sig=Cg0ArKJSzAFODlmqCegTEAE&cid=CAQSTwAvHhf_prUHYhfnOydbGv3-pMDCFRIJNBij9JNtz3RELzdlln61nDETm7EH-8fW_G7fmkEBFjlTDpRSzAG215WX5nx3IV29Xbmff4QcSfUYAQ&id=lidar2&mcvt=1010&p=0,0,94,728&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703070331639&rpt=754&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44E9 42 B
64 B 70ms
70ms Fetch
image/gif 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT8ovsYAitDmiCdZqFM77wPc76h7O1locUjolZvx4DaslvfFN4zs-1RnGnqkegCmCj1BhZ1nXuXmp7wO5i2cJLxYQN0SegsJ5zb9aDheGJdSPnl2Rb6YYyTHNroqs&sig=Cg0ArKJSzGiiZyB0Q45aEAE&id=lidar2&mcvt=1012&p=0,0,90,728&mtos=896,1012,1012,1012,1012&tos=896,116,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3276148316&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703070331639&rpt=757&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 11:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A83 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pA9SFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 11:05:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1920329262083189&bg=!BwSlBEvNAAY3kmNgF5I7ADQBe5WfOMC56YgoSA-ENBcI8mTNpBfDgUFmZN2GeVTJb6iHoLuMKUrVwvgUICeABMkwLatFAgAAAE1SAAAAA2gBB5kC9fAnIcubxwtOJet76u8uLgeQR5ZRwQd8ESKEhpWR06Xz6YdRm1nACN8gUy1uGCwj6f6-iV50PTAWeOP5GMOua3Xzc5RGB6-SPviumK_R9BCc6gtjQW1wfz_M88lnWlMyPr_8JtUtraH4RZOFuJah5rkn67FQx16mqdCruMT7UoBDJcSavfObrB5uH_U5PIIPVG5Ix-odIoowCDksPom-ocTfl7YQ1nBt63HxR8FTBuCbhgCInWOlpyPtpkHRQi17tnf9Ia275LAVuJyz0RDSdsgQ-5frGBl_jQVGRM1O5YswVW6tGu0XhzKTea0Bvb7PBykgQ24Ye0QhEi1pRNgkRj7KfKB8KBMsNcwvvE3drS4ZtdEYRUaoQWiinFYGue15M_yRW_0GtD4yj8qQiWFtDHOne6ocFev1kN7mi_rD_8QqpxrGOm1PCLsC48Iyfot3RPT6pvuss_WfCwX30c8jI7qE6v6z7-A0W0HGstIwEW7S5q3KYTuugGR-N9CkQjzYYhdz9tGPglRUCmNeRk7fP4zHY2yzYQh8VXDFsy_1od2xYR2t2-nT0TutWdzLiy-A5MU1Gafayd3bWCxk5jBFeL1INP1VfVzHAb5SgOCZO_FH1oGvlbTLe2Di17Nmatg7Qhu2dFtjETLv4OUQ9iSGBgdPGk_gQ_NiLoefj1lckdwQcr8dQKOPd6m90U2PGRI4iKNi-THcvFpzEP8i16DozxjAJxoJgD94I70_GduJfqJ0g1tNZMvwkLHw7Bgu3vgImdj_x0lgCKB94xlVSB_iBfI5MX8ViunJQy1PaIapHKVfmKSwVLr7428gsbLpWYHgxFkKLf2thRqxOR3OMG-7xzMxPBXs9E5XtTGf4jwwlhCVOuEyI0f-RuswQ3wYW3bYJ_F4bLBeljQUFnM0DSHqlOQfRbRgskqlFxtqCfbnhD-m_gyDDPZUipN1kEViL1E4Sl93A7kEysX4-mOyJt_7Ul5f4mpsXr_DbCM0uZz60ejP70kAGW8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ena4pbsr.ar4tc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ar4tc.com/	1970-01-21 02:40:30	Name: _ga Value: GA1.1.330316227.1703070330
.ar4tc.com/	1970-01-21 02:40:30	Name: _ga_Q021TNSC8M Value: GS1.1.1703070330.1.0.1703070330.0.0.0
.ar4tc.com/	1970-01-21 02:26:06	Name: __gads Value: ID=d669b4e03806d46e:T=1703070330:RT=1703070330:S=ALNI_MaQSZ1rL3fFLYkOMtTITJktm3JLtg
.ar4tc.com/	1970-01-21 02:26:06	Name: __gpi Value: UID=00000dabc74f5b17:T=1703070330:RT=1703070330:S=ALNI_MaFqVJvzbBDMUSJ9by7e6Jcie-SDA
.doubleclick.net/	1970-01-21 02:40:30	Name: IDE Value: AHWqTUlnGVHqS8Avh5ukfMjmxe7PsH0fBZsmk6CBJ7FMmnKX4tXzrujzI1m6vmh9_cQ
.casalemedia.com/	1970-01-21 01:50:06	Name: CMID Value: ZYLKewTCGD1VHVErqI6OiQAA
.casalemedia.com/	1970-01-20 19:14:06	Name: CMPS Value: 1612
.casalemedia.com/	1970-01-20 19:14:06	Name: CMPRO Value: 1612
.adnxs.com/	1970-01-20 19:14:06	Name: uuid2 Value: 8409712672512074528
.doubleclick.net/	1970-01-20 21:23:42	Name: APC Value: AfxxVi7zfJ7mnqg4YDOflelG6Rzg3AuIqrMFcxnYQVR3oEihjjJAJQ
.doubleclick.net/	1970-01-20 17:04:33	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:14:06	Name: ar_debug Value: 1
.dc.arrivalist.com/	1970-01-21 01:50:06	Name: avlcnt Value: 1
.dc.arrivalist.com/	1970-01-21 01:50:06	Name: avlukey Value: 6582ca7c4cb978.31557754
.adnxs.com/	1970-01-20 19:14:06	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2Il`ol8xm!fss0=Rq1QW::caoh]j4J>IH=J^Z3fK+N5%KM/PL>1gwk5+mXJs1pcWZ3e_D#DI2Z#DIgl#Xse8Wk%sw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
cm.g.doubleclick.net
dc.arrivalist.com
dsum-sec.casalemedia.com
ena4pbsr.ar4tc.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.251.111.154
172.253.122.155
172.253.62.149
172.253.63.155
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::69
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c17::65
2607:f8b0:4004:c19::95
2607:f8b0:4004:c19::9b
2607:f8b0:4004:c1d::84
2a02:4780:11:1358:0:1607:6d7d:2
54.80.35.249
68.67.160.76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13ec127636bdaa5505237b9be2f52680f78ebfdf57e40dae91f89984e30bb852
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
240284a7b22e7d0a88e739761dbac7c65ae95d372322b05fdd1dbb5fb289229b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
303e2fd434da0481dae2e6aa73176c0cb2f7ccfff2a7b92d808b522184466f2b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
359bc193db76ae74e68c82ba5479a73c132be273bdf318c3b2d0765cb8200b50
389dab54b2aa2666d0647920033e4712237599b64cbd44448a356c53f4a3a9d2
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6e5ad2bb44bcddaa230f5f856349ff47abb1de8bf846dd83f693dc03de0ad895
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7f535008c7400af7d33c203cebcb18961c3184ea49ec70db9d454d5ef6acfec0
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
87f5b92e3781babc778e63540d51aa7a321311a676f5a30a0dd0c095151361bc
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
908a60438f06277ddda458e7b5321b4206ccd75c4774145a5c7e927e0d51937c
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5ec05a5d24a0b91e6f6e4bbae860fbc4aecbc4d404a791231d0872f23313b45
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc5cfea6185546182a6b499de77a6af06d6177b5ed64bfc77c2acba89f1fad95
bd9c807459ea7bff92fd29406143635e5b66809cd86ac8cda999e7c46c649a9b
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
d41769b0f30fff6ca611778ea9e7e601a5923c01f3376c24096143b9b539ea6e
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db77eef99fdedb3ede6d537a9e42c15c6f0b7eb372337e5407a1dfaa37400fc2
e1cac42c73919dccf9e2edd4b6a500b57b887176f6dcbee5226214779c0f36d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e724a5cae327feeceec12e5bcdb2a683d7f9e6fc7a9bf1b1848927b7d0e98bd0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

ena4pbsr.ar4tc.com Open in urlscan Pro 2a02:4780:11:1358:0:1607:6d7d:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

92 %HTTPS

63 %IPv6

14 Domains

20 Subdomains

19 IPs

3 Countries

1275 kBTransfer

3397 kBSize

15 Cookies

19 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ena4pbsr.ar4tc.com Open in urlscan Pro
2a02:4780:11:1358:0:1607:6d7d:2 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

92 %
HTTPS

63 %
IPv6

14
Domains

20
Subdomains

19
IPs

3
Countries

1275 kB
Transfer

3397 kB
Size

15
Cookies

92 HTTP transactions
3 data transactions