vox.cc Open in urlscan Pro
2606:4700:3035::6815:4532 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://admin.ml/
Effective URL:
https://vox.cc/mi
Submission: On October 03 via api (October 3rd 2023, 5:21:48 am UTC) from US — Scanned from US

Summary HTTP 142 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 26 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3035::6815:4532, located in United States and belongs to CLOUDFLARENET, US. The main domain is vox.cc.
TLS certificate: Issued by GTS CA 1P5 on August 29th 2023. Valid for: 3 months.

This is the only time vox.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:bdb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3035::6815:4532	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 40	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	42.236.74.130 42.236.74.130	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
6	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:400... 2607:f8b0:4004:c19::68	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.202.64.188 52.202.64.188	14618 (AMAZON-AES) (AMAZON-AES)
1 13	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
2 2	2600:1f18:4e9... 2600:1f18:4e9:5a05:d6bf:1e44:3d6f:f3c1	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	192.184.69.201 192.184.69.201	16509 (AMAZON-02) (AMAZON-02)
2 2	44.215.9.43 44.215.9.43	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.169.220.23 35.169.220.23	14618 (AMAZON-AES) (AMAZON-AES)
1 1	184.25.127.143 184.25.127.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
5	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
142	23

1 2606:4700:3033::ac43:bdb1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

admin.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:4532 (United States)

ASN13335 (CLOUDFLARENET, US)

vox.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2607:f8b0:4004:c1d::9b (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.236.74.130 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c19::68 (Washington, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.64.188 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-64-188.compute-1.amazonaws.com

t.pswec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.253.115.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4e9:5a05:d6bf:1e44:3d6f:f3c1 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Ulyanovsk, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.69.201 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.215.9.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-9-43.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.220.23 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-220-23.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.127.143 (Sterling, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-127-143.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	701 KB
35	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	196 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 897 imageproxy.us.criteo.net — Cisco Umbrella Rank: 5260 csm.us.criteo.net — Cisco Umbrella Rank: 5069	181 KB
7	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 4918 rtb.va.us.criteo.com — Cisco Umbrella Rank: 10891 dis.criteo.com — Cisco Umbrella Rank: 910 cat.va.us.criteo.com — Cisco Umbrella Rank: 5006	91 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	411 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	600 B
6	vox.cc vox.cc	42 KB
5	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 11	370 B
4	gstatic.com www.gstatic.com	32 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	954 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	1 KB
2	pswec.com 2 redirects t.pswec.com — Cisco Umbrella Rank: 6689	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	5 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	888 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2679	702 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 4633	1 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11243	598 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	463 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	675 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 13762	623 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	174 B
1	51.la js.users.51.la — Cisco Umbrella Rank: 75532 ia.51.la Failed	3 KB
1	admin.ml 1 redirects admin.ml	444 B
142	26

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net
22	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
20	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
13	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	vox.cc pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	www.googleadservices.com	googleads.g.doubleclick.net vox.cc
6	vox.cc	vox.cc
5	imageproxy.us.criteo.net	ads.us.criteo.com
5	www.google.com	4 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	an.yandex.ru	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	csm.us.criteo.net	ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	t.pswec.com	2 redirects
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net
2	ads.us.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	analytics.pangle-ads.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	a.rfihub.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	t.adx.opera.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	js.users.51.la	vox.cc
1	admin.ml	1 redirects
0	ia.51.la Failed	vox.cc
142	35

This site contains links to these domains. Also see Links.

Domain
dan.com
themeisle.com
wordpress.org

Subject Issuer	Validity	Valid
vox.cc GTS CA 1P5	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-01` - `2023-12-02`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://vox.cc/mi
Frame ID: 379CCCDEA6A7D71D5B9FD10134FA646A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html
Frame ID: 5FC3168D76DE5369B998C0F838B007B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&adk=3105533540&adf=2621220088&lmt=1696346503&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fvox.cc%2Fmi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503308&bpp=12&bdt=1017&idt=364&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4197050320601&frm=20&pv=2&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: 4EAC90D9079FAA27385C9233B5DDF9BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=991895601&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1696346503&rafmt=1&to=qs&pwprc=1064502368&format=1140x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503320&bpp=2&bdt=1030&idt=389&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rP47FGHjWw&p=https%3A//vox.cc&dtd=393
Frame ID: 08F02B28D86A613889697B5FCEE239C8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A64E238E4DE02655966AD6EBA1A7721
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: F8A616B4E897A56306623AABACBAE03F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6
Frame ID: 69B2325092963C1316766E4F3DD1B2E6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=625037661&adf=1092824165&pi=t.aa~a.1075661085~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2873&idt=1&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280%2C1200x280&nras=4&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Gw50wyItXg&p=https%3A//vox.cc&dtd=11
Frame ID: 7F5B9319734A67EF86E1B22B8A9AE3C9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0815C3C75327C67FDD93EDD6B9D3FAA8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: E8B95790670F50A867D922E612AC170E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 65A4C7C31A75DEDCB6CF332F181F4553
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6310B8D02844AF0707A3D57EA6A75D7B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1BBBE0082E0668A37AE8F17B647B36C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B69B1955B9C0C9BB37AA7A83BCFEAFA
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADS0QE0bIFAA17dU9q_2sVU5pkozaQKw&u=%7C6SncL92YyKLlPo%2BvbwDL%2B0rZipWvndFFLt8C0onTHR8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT38XY7TXVpZGTt8e31cMXcJ0S1ySGsOKYTdELNuBtDmmUwN3bFkgkC6HkYJY3G78HnSCcT3uvbrEP8_UbeT5G1cM0nxd8ufHtsf_EL8tWfpxFZm4FVxw5kQoBYovl68gkBXce6XzWdnkGT5qodBxUmMRfLPyBAXsL8vr1QPOY4ZjesoiCS5Ijgf18nP-Yx-nJk3zk2221eCr7YtdHDK8D8cS5t0V4f3i31gVrUuUENUbaVL7gHKs30xUbGAP_7DkCW_FfakhtqmoB1QPZdKXNBiMGEjDr8QLFbeoRgWKd0gP--KPPlkclRAMM-GenJMlHtQIAwssj1RqeOYMm9mFdlkO3cR0yLOl3_SroQbSQyfDeWP67v1QpG6GVTUL-CHqHnQQMgr73--kp2D-_vNURIybR0SiSJgpbv2-PprqTFUuch-vi01HIh9LjX6uEg21z1yFMwWwMc-0Bjx6Fw-u6G1FQDC-RI0ehtz141F2W4LrLpwfasYQfMPupvlsmXDs0Xy54dYoAw9aN5LcV3BGeTaCXN2R0ccyrhnR83SOZJtlRK5dds_2Bs7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC361s6aQbZcSWDYXkxtYP9fa1yAicge-wXIqilqS0AcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9CwyD5ZNu91LGSMZBFbMlZ5kb-y2RKYo8AwcPF8VWTe5zPYp-2BXJUiTUvCQVSsIiSVW65TlH5R6pfNZx0JVX7Pi7yNLtD67iQ251YqsG45lz-S2f_1SomKZcBcXHq-VtMiGZTug8UMH3Qum-WLiDOTpiP3BwuoOcvcxrNLEJIDMlfN4at4n_HL6VUpIPrleeXjZS4trtGlb0J78Xdsz_HKeFLpC3iBCIhGqXEITXiABvGu__HpxKHBowGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3caRDogTxc1xKF81nLudXrIGmIfg%26client%3Dca-pub-2587532934367282%26adurl%3D
Frame ID: 804221D4D4478D6E90793913E02B155F
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B002772D3E2DECE923954ABE1897E87
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADXmsE0bzVAAu1YsuM9qA_HXYpdySlyA&u=%7C6SncL92YyKJzSKQUBxUTCsXofn%2F%2BKpJ2FD%2Bj4ld6iQo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT32SY9tZVnMOWRb1GpMbejXspWYmEvKY6MC34VriPOwUn5tGjFKmxx7SUXL5m7kfT42GNF1m-4lBx2eJDJiixYIxCZRwgBic3APiuNGsgy6Cjw1cWYCMVdUs1YfzYP8e346PNyJC-uxlebFTDJJW3sscz4BXxk0_tUYoUqcFIbL3XoaP0Z2goQYY4jCtqk_mT_kj88pg_OU1U00suanFh7THKegmki_uDqvOfipTJA0QACuU8jV-YIJZ7cXIaczyuspXri3drrp-yIOKAAu2zCHj5b0G4os-SxONfr6E--QiGs0DElqtt7IoYbaDhfa3A_ZD-JwaXAboGDO1EkOA_KQ8Gv2x9ucTdcPS7Fr64rUrhKAKuNGiOnTDR91WgE1n9fb64_cf8bfbv7nAvgh5xIi1ES4J_-HaH_tSw_pOG5yZjmO3qM2g1I6pePElhyJR07AdzPv_BYJz2yfybiL8jbbk8Fvkicb8kh8geuGq2yacSsqgnwNWiCp_IQIfs0Z2NpuoGOAIIorpJ4yKC0u4LTOq3ATRunirVFy2TCTrGK2n5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W306aQbZeu8DdX5xtYP4uquuAWcge-wXLLtt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9DGbxzBfzmes7Jx3StiWVpnx6DqYt108BQyw64-OJM0Y2WbWa40tfFN0pCkUau5AVZh4-0kaXAe8qeHXfTK0Qfmj-OJQM9Ty5Ys0uTWfQ2xcFQsYtUDSKuUwoVBSY44fvo-aPSN6-9VC5bEeyA6zvMfo4wkv4qXAZBjGrl17078ax0FNToZqp-Npx3yKx_rlUXWgIRSZQGkDmpmiEpZZ3-q3o69Uag3QZBm1TepAQKABsnH_frd-O6SF6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3anNNuLjYddQ3iFbUcN0Vgbe6gZQ%26client%3Dca-pub-2587532934367282%26adurl%3D
Frame ID: BC6DF930ECF13E7A9873A3ED66E3CC5B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96837D33F289CC52F593C48A02441281
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C6C2F00985B14D3153DEFE9875F4964F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 358807E380CD4C0E88900B93F5C4EA4E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: E5220CD6900FCDAE35B9C331EF21DFB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 61E87FB9636EB58EF733A40F6DED0E24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: B9B6811329F122B2933793B8AB4E8C5D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: B21BE6290BB943DDC13B0752FA10D493
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Domain Name List – Dong.li

Page URL History Show full URLs

https://admin.ml/ HTTP 301
https://vox.cc/mi Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

142
Requests

89 %
HTTPS

52 %
IPv6

26
Domains

35
Subdomains

23
IPs

4
Countries

1665 kB
Transfer

4380 kB
Size

33
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://dan.com/zh-cn/domain-seller/domain-seller-6865d085-2ad6-4793-9e46-09c037851bb6
Title: Domain Shop

Search URL Search Domain Scan URL

URL: https://themeisle.com/themes/neve/
Title: Neve

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://admin.ml/ HTTP 301
https://vox.cc/mi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://googleads.g.doubleclick.net/pagead/adview?ai=CQPLi56QbZeq0LruuxtYPifKB2Aa_hOuoc5jryenvEGQQASCEgdYlYMmGgIDco8QQoAHXrpL7AsgBAqgDAcgDyQSqBLkBT9Baog_Xs96ZmKHBxGn3ouAY0a4NvYWIcZ965DVdWp55t-zZcAX5jrqLca3Kurid701b_AAtixDKG6z_JL9wWTKlvWnqwIWh_wKsx1G5735zppYV5I-ryY7Stbr_FSyhBZdi_MQnSO8BHBTRVMx7-F35MhnhK83puK8Ap5iUP7jP_Zu5SqUgBMqIqg4tUtkUOeumueHrRS7rnPECVbrqeeK6tikEl7ZvumqwYhHa5DjCzZWKJFyfAa_ABL-Uk7iJA4gFtrmunyiSBQQIBBgBkgUECAUYBKAGAoAHkdHthAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDuxAfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJUGh0dHBzOi8vd3d3LmxpdHRsZXByaW5jZXNzc3BhLmNvbS9oYWxsYW5kYWxlYmVhY2gvcHJvZHVjdC1jYXRlZ29yeS9wcmluY2Vzcy1zcGEvgAoByAsB2gwRCgsQ4MWftq-82JXiARICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjU4NzUzMjkzNDM2NzI4MhgA&sigh=8NUD1Xplk-0&uach_m=[UACH]&ase=2&cid=CAQSTADICaaNoaV73YG9o1a2jGjhrp9UBuey5kP6pfMwKKAbGrPK5IyTt8RRQPoOtXLKEYC5QioZfB1-Bp0fQEHBu666UFObD07M2VEV5L4YAQ&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9366ee21f1cd8d90000000000000000%22,%222%22:%220x8551b14e191d43d20000000000000000%22,%223%22:%220xbf7cb5179d2527350000000000000000%22,%224%22:%220xa6c0eeeda73cffbd0000000000000000%22,%225%22:%220x771f49a90757ae2f0000000000000000%22},%22debug_key%22:%222585034934657283960%22,%22debug_reporting%22:true,%22destination%22:%22https://littleprincessspa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22795121495%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22177599916806811185%22}&andc=true

Request Chain 22

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGCd-yXi_qZB1vElrBdrL6k&google_cver=1&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGCd-yXi_qZB1vElrBdrL6k&google_cver=1&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4 HTTP 302
https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=4c5747b6-ebf5-4ec2-9a5a-ea1e7e1a8375 HTTP 302
https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=4c5747b6-ebf5-4ec2-9a5a-ea1e7e1a8375 HTTP 302
https://x.bidswitch.net/sync?dsp_id=2&user_id=bed23ece-b61c-4363-97e5-c6a0101b09c6&expires=3&user_group=1&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4&google_hm=TFdHtuv1TsKaWuoefhqDdQ==

Request Chain 78

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOoD5VmQo6TmIlQFKChW67Q&google_cver=1&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1MwXDluAOeE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1MwXDluAOeE&google_hm=eS1ETk5SMWNORTJwSHJGZS5wN3h4eHhRSjdOYkd4VVlSNn5B

Request Chain 80

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMUBkns1G3Mghu7WerVaSEc&google_cver=1&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7LtAFqaz84Ag8M-xdFJDGFqh0sB6dcV4Fs5nT2yyR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7LtAFqaz84Ag8M-xdFJDGFqh0sB6dcV4Fs5nT2yyR&google_hm=gblcDWnuTfyL9ZlN5AwVDEU

Request Chain 81

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRLwDsGZlpX8BonjDUrX4sBiUcF0yV8JZL_3Kd55zl4ZArftQRAQlwv2wsPQBVzOTPPICxOWDNz97oSHitbE62338EPljXR1DU&google_gid=CAESEGaxzPqtyK-f-78NynLoGxU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaxzPqtyK-f-78NynLoGxU&google_hm=T1BVNWE2MjIxZThlMGIwNDIzNzhiZmY2MmQwYzEyMzQzZTE&google_nid=opera_norway_as&google_push=AXcoOmRLwDsGZlpX8BonjDUrX4sBiUcF0yV8JZL_3Kd55zl4ZArftQRAQlwv2wsPQBVzOTPPICxOWDNz97oSHitbE62338EPljXR1DU

Request Chain 82

https://an.yandex.ru/mapuid/google/CAESELxi5CCm6DvYMO3o-tlTIR0?ext-param=AXcoOmRTZ7J0MxaBcWfti_vcZl4y8TkEhdTAumP3csO6jeV0WYe0HieVxlB-ophsDnE1z6elrSAUyC8dZaa8EG7bKfy_UUJPZ-A08zg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESELxi5CCm6DvYMO3o-tlTIR0?redir-setuniq=1&ext-param=AXcoOmRTZ7J0MxaBcWfti_vcZl4y8TkEhdTAumP3csO6jeV0WYe0HieVxlB-ophsDnE1z6elrSAUyC8dZaa8EG7bKfy_UUJPZ-A08zg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELxi5CCm6DvYMO3o-tlTIR0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 93

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFYcBbpLIP5uQfAJ5SIumGP-eHG9jaVsW5bt58zXHBHaV3kLUdKcIcS7yF90esyY35GOllj5O1DLwvzYPXJ4FkdeU5u8JGA2RVfaCtTXkojMEvo-qd8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFYcBbpLIP5uQfAJ5SIumGP-eHG9jaVsW5bt58zXHBHaV3kLUdKcIcS7yF90esyY35GOllj5O1DLwvzYPXJ4FkdeU5u8JGA2RVfaCtTXkojMEvo-qd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3RXaW9RV20xUU54UVI1&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFYcBbpLIP5uQfAJ5SIumGP-eHG9jaVsW5bt58zXHBHaV3kLUdKcIcS7yF90esyY35GOllj5O1DLwvzYPXJ4FkdeU5u8JGA2RVfaCtTXkojMEvo-qd8

Request Chain 94

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGKrwuQq4N9seLD2zHGbwA4&google_cver=1&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAIF63YVK-XfKsEYN5pYZ9vkM7M-Ba8X6hoUoaPy_K56NYVzffGg9tzy0i3ognejUtgi6s3fNc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=enGKza-fTpQwOxmsC9gdVA&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAIF63YVK-XfKsEYN5pYZ9vkM7M-Ba8X6hoUoaPy_K56NYVzffGg9tzy0i3ognejUtgi6s3fNc

Request Chain 95

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOoD5VmQo6TmIlQFKChW67Q&google_cver=1&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI12pIZUjJ48OIxOCKXx6FOVJBTVDzfrV0X_NgLwP_PEXMJTF2XGy3gmeuQZYjOavE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI12pIZUjJ48OIxOCKXx6FOVJBTVDzfrV0X_NgLwP_PEXMJTF2XGy3gmeuQZYjOavE&google_hm=eS1Iem5VMFpsRTJwRzIuTG0weHZkNWFpTHQxTHZILmRSdn5B

Request Chain 96

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECgptVtCL0-LciwBiAyhgEw&google_cver=1&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gEjJPY-sWvvkaEaLlavsv01jzFSKyLeQXx-bZZjOQrst6n5EK955TfGe623lUeblNog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gEjJPY-sWvvkaEaLlavsv01jzFSKyLeQXx-bZZjOQrst6n5EK955TfGe623lUeblNog&google_hm=NjQyNTEwNDYwMTI5NDIyOTcwOA==

Request Chain 97

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJ2O4h9PY8ADE4VFqqITpsM&google_cver=1&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyokDifEqaOXuQSbCeDrclFEkkJDjmY6AfR7DsCOngjOXKEmCs-pt5_eyEfwE-PFyQLDCvhwsqpD_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=nKBCszNu2EWvdckn-iTeRg&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyokDifEqaOXuQSbCeDrclFEkkJDjmY6AfR7DsCOngjOXKEmCs-pt5_eyEfwE-PFyQLDCvhwsqpD_

Request Chain 98

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAitVoLkHo45LHVWz5dm_2c&google_cver=1&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg_ziTqnQRbnF7i0mG0K47eayv7hwddrps1o6U5iac5uqXdiO4TmoFrhk_6vpNRmYo4zqgUprkFvzYr4ALzLQn5jz5wzoj2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg_ziTqnQRbnF7i0mG0K47eayv7hwddrps1o6U5iac5uqXdiO4TmoFrhk_6vpNRmYo4zqgUprkFvzYr4ALzLQn5jz5wzoj2

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=C-OmQ56QbZc_uLdbT0_wPhOql-AGthfSnc9ec3L7AENnZHhABIISB1iVgyYaAgNyjxBCgAY_t9LgDyAEDqAMByAPJBKoEsQFP0J0bNZFiR46Okg4ZlRElCAxGnc2pFEbwWywu4WmNwnv0L5029mTf2sOldgFpdV1ALsLXVIuxrio5QHQ1TYzeQYtOi00QwHA-MZn8r4FszHlk0i7TRSZnE1AIiD_V6t2p-EoQdxdkI1He1xBGJw72CSS7tJ5W8HSIU6o-C6ksz0kKWQC7lUh1Fw-ussTTov3DWr73K2zsLSZgYIqtivJIYe93-OhBjzjrcVxgYZNZOCHABIGHn9qaBIgFxd3Y4USgBgOAB9mSi0eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCK-wvSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJ1wFodHRwczovL3d3dy5oZWZ0eS5jb20vcHJvZHVjdHMvdHJhc2gtYmFncy91bHRyYS1zdHJvbmcta2l0Y2hlbi10cmFzaC1iYWdzP3V0bV9jYW1wYWlnbj1IRlRZV0JfTmF0aW9uYWxfR2VuX0NvbnRlbnRfTm9uQnJuZF9OdWxsX1dhc3RlQmFnc0ltYWdlQWRzQ1BNJnV0aWQ9SEZUWVdCX05hdGlvbmFsX0dlbl9Db250ZW50X05vbkJybmRfTnVsbF9XYXN0ZUJhZ3NJbWFnZUFkc0NQTYAKAcgLAdoMEQoLEKC0g8Pk24bepgESAgED2BMD0BUBmBYBgBcBshccChoIABIUcHViLTI1ODc1MzI5MzQzNjcyODIYAA&sigh=0djwV4LJRDk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaN0QDIEvwYWTvYEGt8UVC2e7AGCrkfQyVe-W30S7mYAHGGSBjzGk1JBSsbbxTKjiAWvyvICcLiWj3upg3NTZiHlk1NcaRZVeIYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x929bc16d80eca7a50000000000000000%22,%222%22:%220xaf20e7235ce833590000000000000000%22,%223%22:%220xbdba7e117212fbcc0000000000000000%22,%224%22:%220xacf3b9698ea19b830000000000000000%22,%225%22:%220x2e64363d870682cb0000000000000000%22},%22debug_key%22:%2212951542818275629562%22,%22debug_reporting%22:true,%22destination%22:%22https://hefty.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22924661391%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211118299122017714865%22}&andc=true

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=C6_6C56QbZc7uLdbT0_wPhOql-AHk9qL3cp6BubCmDfKzmfCRDhABIISB1iVgyYaAgNyjxBCgAbjdsNgDyAECqAMByAPJBKoErwFP0E_HgMabilm98SZPKcddv-lUeinxAz5gQlz7RLwSpZYu9XzIq-RcTF6rP6oBXXVuWB7HFAzBPcouheME90CXdk6qcr3ab_9cP8XmZOB8oKgaJfLqIR4GsSige2W_TqdlAcn20ca0Hlo8eGGaPJ1OYi84bpoXwWIPoH0lgRTIM_h8uvgSg1EyYzJEwxHEPVY2rQ8Xj8EBRb8weiMegXP124Ne5xaQmCUuhSHiyR__wAS0sPHFzQGIBaTznZkFkgUECAQYAZIFBAgFGASgBgKAB7CizyeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDk8QnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJMGh0dHBzOi8vd3d3LmtpbHRyZW50YWx1c2EuY29tLz9fdnNyZWZkb209YWR3b3Jkc4AKAcgLAdoMEQoLELD0g62g0bXe4wESAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI1ODc1MzI5MzQzNjcyODIYAA&sigh=ucKxgQYX2WE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaN0QDIEvwYWTvYEGt8UVC2e7AGCrkfQyVe-W30S7mYAHGGSBjzGk1JBSsbbxTKjiAWvyvICcLiWj3upg3NTZiHlk1NcaRZVeIYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa500cf3bc27707770000000000000000%22,%222%22:%220x5bbc3cd2555314cd0000000000000000%22,%223%22:%220x3e57cac6770a8ad80000000000000000%22,%224%22:%220x466865efed07c1ff0000000000000000%22,%225%22:%220x3fe425a7f09df8580000000000000000%22},%22debug_key%22:%2216429484960743244828%22,%22debug_reporting%22:true,%22destination%22:%22https://kiltrentalusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990654136%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210126971809560261329%22}&andc=true

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

142 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mi Show response
vox.cc/
Redirect Chain

https://admin.ml/
https://vox.cc/mi

40 KB
9 KB

1557ms
1486ms

Document
text/html

2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vox.cc/mi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c4f1d7bdf164eabd8ea2aa1b62c8fcf212d39c85bbcfebbab4f51765eedf9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8102be361ef309b6-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 05:21:42 GMT
link: <https://vox.cc/wp-json/>; rel="https://api.w.org/", <https://vox.cc/wp-json/wp/v2/pages/91>; rel="alternate"; type="application/json", <https://vox.cc/?p=91>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df1wn07HM8gMM8GVuOGy8oF4SZ2wzVKEwAFIr7mLepoWf5WPyHRziPcGLLaJzVt3f%2BEt75drLW3t2%2FgZql%2BnzrfL8JCzwWF8OlU18bRJPXiKg8nywW5mAtgA3FlSTkwmDlRJL9w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8102be357d2f4954-MIA
date: Tue, 03 Oct 2023 05:21:40 GMT
expires: Tue, 03 Oct 2023 06:21:40 GMT
location: https://vox.cc/mi
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZQPFRvA7A0ZDKe%2BpQLnSxKYVfi%2BQzMqn9DRiFZ9oBxCOIHtJAElQyyBsWPkTBqQqtWza94%2BxUTR2K2MP8HoENoh12xwoHZibIcdUEtYUd%2F1OhMQ7SnNgxMuS%2FgaQcv9bTaG8AXqPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
vox.cc/wp-includes/css/dist/block-library/ 102 KB
14 KB 982ms
981ms Stylesheet
text/css 2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vox.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/mi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Aug 2023 04:50:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3fc59-19824-6027639912aac"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1iMBZVyh2veKB%2BzXNKwQspazLl3%2FYM5Wi%2B1pQewkGHuNUgR9%2FBw4IUhbXFiDw6r8HzhjaRUaLhblTfWYfDXcQlkZQoRlpt%2FEph8tD3wAoJb0WNUvYJiG3qzJRKykishGpuh5xs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8102be3f6c7b09b6-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style-main-new.min.css
vox.cc/wp-content/themes/neve/ 38 KB
9 KB 948ms
947ms Stylesheet
text/css 2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vox.cc/wp-content/themes/neve/style-main-new.min.css?ver=3.5.8
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6424c6e5f6b1435d7f0d9394a96129b4c68c284d3e10beab9e1e17ec7f03444f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/mi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 20 May 2023 16:59:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"401db-97b8-5fc22f5d80881"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UY5rDJ%2F7pJQjUmxJK19kLoTvmbGpEc2q89IpAC3zAj%2FnwUt%2F7J12v0tB2J9ZFzhlv9Uxu%2FxVP5WVtB3AuDMDRyE4wO8KqGjCqhI6K5KPqlINe9SA2tG7qhPNkMYvG8Ux9I6f%2B%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8102be3f6c7c09b6-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
vox.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 37ms
36ms Script
application/javascript 2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vox.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/mi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Sep 2023 11:52:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6514177e-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A0PfEmTkZ%2FVIRh1o7%2F8p0zPdPHuj5HCpd1yr%2Bggw8wx2Yqz9rLTwhUMHh6VOlatU6db0riK6NxHOEPVOkiPRLAJoh3F0aZ74rmCksRpK34ZioRGGvdzsejykV%2FgvvNSAmVIEDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8102be3f6c7d09b6-MIA
expires: Thu, 05 Oct 2023 05:21:42 GMT

GET
H2 200 frontend.js Show response
vox.cc/wp-content/themes/neve/assets/js/build/modern/ 7 KB
3 KB 990ms
989ms Script
application/javascript 2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vox.cc/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.5.8
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4542ff08e1ba2a0ed00a5cfad08d11576c7defed9058ea6edcbce62346ef2689

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/mi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:43 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 20 May 2023 16:59:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"400cc-1c1a-5fc22f5d7414a"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJii1Qb1NK61cqNnY4pUhUrYOHiPUdMh7XwprTuTBC8xkhgMcSBxHhndgysvoOiiMKIDje0TPsfcTUFQ%2FUM4YYx%2FBqx2CdsDj23e3yG21Ievarhi3LvFGNjVRvojC4KYztcbhqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8102be3f9c9709b6-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 179ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2587532934367282

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ccd6343be05009a6a92c9b457cc7b27f06df0fb8deacf4538ce9b70782765c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Origin: https://vox.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50882
x-xss-protection: 0
server: cafe
etag: 6121670297070214484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:42 GMT

GET
H/1.1 200
OK 21656823.js Show response
js.users.51.la/ 5 KB
3 KB 1105ms
337ms Script
application/javascript 42.236.74.130
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21656823.js
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.74.130 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: 79e50230d5937574c3bccdd2eb91e36328bfcf0e92e652da39013a54f8a146b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 05:22:36 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
BLOB 200
OK 54bdb3b5-ed90-4281-bf6f-a99a9c0222af
https://vox.cc/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vox.cc/54bdb3b5-ed90-4281-bf6f-a99a9c0222af
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 378 KB
128 KB 228ms
123ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2587532934367282

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9960d368fc440ca4f61822bd717791b6a446f4b1acea6bda10055ad025d9af4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131206
x-xss-protection: 0
server: cafe
etag: 14000403239530566496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/ Frame 5FC3 10 KB
5 KB 165ms
57ms Document
text/html 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2587532934367282

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 63753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 11:39:10 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 11:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET go1
ia.51.la/ 0
0

GET
H3 200 wp-emoji-release.min.js Show response
vox.cc/wp-includes/js/ 18 KB
5 KB 930ms
930ms Script
application/javascript 2606:4700:3035::6815:4532
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vox.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: vox.cc
URL: https://vox.cc/mi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4532 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/mi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 20 May 2023 12:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3fedf-4904-5fc1f0abe9080"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvGJdV0VzBlj62BugGk0OExEVYQIrSPRy5u%2BvDyi4JPDVNmPY%2FR5EBya9%2FWSun%2BXrhwxN4E32GkRCBBb9FJUQDOy219GTWsVLb6XALk9UwKhLFa%2FZiGDvXg6SretQSPGa6gLpdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8102be465c7d4c26-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
600 B 264ms
61ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vox.cc&callback=_gfp_s_&client=ca-pub-2587532934367282

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e46191530368e754389370b00669790ab10aac1ecce2334ce93a0b29d5d95117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4EAC 580 KB
107 KB 1389ms
1388ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&adk=3105533540&adf=2621220088&lmt=1696346503&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fvox.cc%2Fmi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503308&bpp=12&bdt=1017&idt=364&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4197050320601&frm=20&pv=2&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f24f834e30c99ef6e707e5a2a624a28f1b666e426be392f2b7c517050de2cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109800
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
expires: Tue, 03 Oct 2023 05:21:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08F0 87 KB
34 KB 508ms
507ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=991895601&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1696346503&rafmt=1&to=qs&pwprc=1064502368&format=1140x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503320&bpp=2&bdt=1030&idt=389&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rP47FGHjWw&p=https%3A//vox.cc&dtd=393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ee290ba2cbdbfb6ad2f39d50631fbdc59d4f8f1cc022e9f77e233083829078d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34755
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:44 GMT
expires: Tue, 03 Oct 2023 05:21:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2236969413020054656
tpc.googlesyndication.com/simgad/ Frame 08F0 89 KB
89 KB 224ms
116ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2236969413020054656?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnejjrqRtsFwf_AFn897bRHcgnpqg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=991895601&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1696346503&rafmt=1&to=qs&pwprc=1064502368&format=1140x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503320&bpp=2&bdt=1030&idt=389&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rP47FGHjWw&p=https%3A//vox.cc&dtd=393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed74f924c9115e58823e01bed6a3ca8fe602a57589373394e96f91c7d5d7e383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:44 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90652
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 22:26:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 05:21:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 08F0 23 KB
9 KB 166ms
59ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 08F0 3 KB
1 KB 161ms
67ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 08F0 20 KB
8 KB 147ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 08F0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQPLi56QbZeq0LruuxtYPifKB2Aa_hOuoc5jryenvEGQQASCEgdYlYMmGgIDco8QQoAHXrpL7AsgBAqgDAcgDyQSqBLkBT9Baog_Xs96ZmKHBxGn3ouAY0a4NvYWIcZ965DVdWp55t-zZcAX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9366ee21f1cd8d90000000000000000%22,%222%22:%220x8551b14e191d43d20000000000000000%22,%223%22:%220xbf7cb5...

0
0

171ms
69ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xe9366ee21f1cd8d90000000000000000%22,%222%22:%220x8551b14e191d43d20000000000000000%22,%223%22:%220xbf7cb5179d2527350000000000000000%22,%224%22:%220xa6c0eeeda73cffbd0000000000000000%22,%225%22:%220x771f49a90757ae2f0000000000000000%22},%22debug_key%22:%222585034934657283960%22,%22debug_reporting%22:true,%22destination%22:%22https://littleprincessspa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22795121495%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22177599916806811185%22}&andc=true

Requested by

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xe9366ee21f1cd8d90000000000000000","2":"0x8551b14e191d43d20000000000000000","3":"0xbf7cb5179d2527350000000000000000","4":"0xa6c0eeeda73cffbd0000000000000000","5":"0x771f49a90757ae2f0000000000000000"},"debug_key":"2585034934657283960","debug_reporting":true,"destination":"https://littleprincessspa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["795121495"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"177599916806811185"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 05:21:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 05:21:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xe9366ee21f1cd8d90000000000000000","2":"0x8551b14e191d43d20000000000000000","3":"0xbf7cb5179d2527350000000000000000","4":"0xa6c0eeeda73cffbd0000000000000000","5":"0x771f49a90757ae2f0000000000000000"},"debug_key":"2585034934657283960","debug_reporting":true,"destination":"https://littleprincessspa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["795121495"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"177599916806811185"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A64 143 B
166 B 53ms
52ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=991895601&adf=2713021026&pi=t.aa~a.356315161~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1696346503&rafmt=1&to=qs&pwprc=1064502368&format=1140x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310503320&bpp=2&bdt=1030&idt=389&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rP47FGHjWw&p=https%3A//vox.cc&dtd=393
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08F0 187 KB
59 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 08F0 36 KB
14 KB 192ms
103ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
server: cafe
etag: 2376861509777232683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:52:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A64
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
64ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:44 GMT
expires: Tue, 03 Oct 2023 05:21:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 265ms
58ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 05:21:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 08F0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 232757a70a629d99561209113a151ce105f221949a1b0416058a07014508122c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame F8A6 37 KB
14 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:44:44 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ 154 KB
53 KB 73ms
72ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925d29786f02bbfd40feb46ea64de637f0dfd6dbbd8880c27840c4867d2b1a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vox.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53731
x-xss-protection: 0
server: cafe
etag: 8390170499911406348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69B2 37 KB
16 KB 193ms
193ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d74be06477576d1bc76d3735720121617d1130917f66697188220c8715d9003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15902
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F5B 33 KB
14 KB 192ms
191ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=625037661&adf=1092824165&pi=t.aa~a.1075661085~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2873&idt=1&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280%2C1200x280&nras=4&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Gw50wyItXg&p=https%3A//vox.cc&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c27162c3ea0ff17f300ebc91b235a5ed019ca4dee56006ed708d6ba880d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame 0815 10 KB
4 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 23:26:53 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 23:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame E8B9 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 23:26:53 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 23:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame 65A4 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 23:26:53 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 23:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/ Frame 6310 10 KB
4 KB 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vox.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 23:26:53 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 23:26:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0815 4 KB
1 KB 169ms
63ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 03:59:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0815 205 B
652 B 159ms
52ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:53:37 GMT
x-content-type-options: nosniff
age: 430088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Sep 2024 05:53:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0815 604 B
696 B 160ms
52ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:43:13 GMT
x-content-type-options: nosniff
age: 430712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Sep 2024 05:43:13 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 0815 15 KB
7 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 21:23:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 21:23:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/ Frame 0815 20 KB
8 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E8B9 2 KB
639 B 134ms
64ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 04:04:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E8B9 2 KB
973 B 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:27:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame E8B9 23 KB
9 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E8B9 3 KB
1 KB 56ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame E8B9 20 KB
8 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8B9 187 KB
59 KB 94ms
93ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame E8B9 36 KB
15 KB 117ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 05:48:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 65A4 23 KB
9 KB 52ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1BB 143 B
166 B 55ms
54ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 65A4 3 KB
1 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 65A4 20 KB
8 KB 56ms
51ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H2 200 6426456253500168696
tpc.googlesyndication.com/simgad/ Frame 65A4 39 KB
39 KB 207ms
205ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6426456253500168696?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlKf0riLMf-N_NI0t5YNuYVbTYEEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d2a052c7696a8c339d36287b52abaad7e4a9e3a3dbe03b74771cca62ebade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39708
x-xss-protection: 0
last-modified: Tue, 08 May 2018 22:33:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 05:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65A4 187 KB
59 KB 92ms
92ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 65A4 36 KB
14 KB 56ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
server: cafe
etag: 2376861509777232683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:52:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame 6310 23 KB
9 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B69 143 B
166 B 53ms
53ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 6310 3 KB
1 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 6310 20 KB
8 KB 69ms
68ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H2 200 16120586746842355275
tpc.googlesyndication.com/simgad/ Frame 6310 97 KB
97 KB 73ms
72ms Image
image/gif 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16120586746842355275

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0494387af5c56ed1325acb496717c5cee136594c7541c0c440c63d8ecd9209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:12:19 GMT
x-content-type-options: nosniff
age: 490166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98986
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:58:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 13:12:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6310 187 KB
59 KB 78ms
78ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 6310 36 KB
14 KB 101ms
101ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14668
x-xss-protection: 0
server: cafe
etag: 2376861509777232683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:52:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 69B2 3 KB
1 KB 96ms
95ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 69B2 20 KB
8 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 69B2 0
0 66ms
65ms Image
text/html 2607:f8b0:4004:c19::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgXA8RahAtAkbbhxtnX5EdzB33lIe8WUCyZM722qZ-skCNJknQvqIN55G07c2om44UIHTHB115tlJHA6wYGKsGl_EbvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69B2 187 KB
59 KB 119ms
118ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 7F5B 3 KB
1 KB 88ms
85ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=625037661&adf=1092824165&pi=t.aa~a.1075661085~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2873&idt=1&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280%2C1200x280&nras=4&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Gw50wyItXg&p=https%3A//vox.cc&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame 7F5B 20 KB
8 KB 88ms
85ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F5B 187 KB
59 KB 78ms
76ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 8042 151 KB
51 KB 254ms
155ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADS0QE0bIFAA17dU9q_2sVU5pkozaQKw&u=%7C6SncL92YyKLlPo%2BvbwDL%2B0rZipWvndFFLt8C0onTHR8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT38XY7TXVpZGTt8e31cMXcJ0S1ySGsOKYTdELNuBtDmmUwN3bFkgkC6HkYJY3G78HnSCcT3uvbrEP8_UbeT5G1cM0nxd8ufHtsf_EL8tWfpxFZm4FVxw5kQoBYovl68gkBXce6XzWdnkGT5qodBxUmMRfLPyBAXsL8vr1QPOY4ZjesoiCS5Ijgf18nP-Yx-nJk3zk2221eCr7YtdHDK8D8cS5t0V4f3i31gVrUuUENUbaVL7gHKs30xUbGAP_7DkCW_FfakhtqmoB1QPZdKXNBiMGEjDr8QLFbeoRgWKd0gP--KPPlkclRAMM-GenJMlHtQIAwssj1RqeOYMm9mFdlkO3cR0yLOl3_SroQbSQyfDeWP67v1QpG6GVTUL-CHqHnQQMgr73--kp2D-_vNURIybR0SiSJgpbv2-PprqTFUuch-vi01HIh9LjX6uEg21z1yFMwWwMc-0Bjx6Fw-u6G1FQDC-RI0ehtz141F2W4LrLpwfasYQfMPupvlsmXDs0Xy54dYoAw9aN5LcV3BGeTaCXN2R0ccyrhnR83SOZJtlRK5dds_2Bs7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC361s6aQbZcSWDYXkxtYP9fa1yAicge-wXIqilqS0AcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9CwyD5ZNu91LGSMZBFbMlZ5kb-y2RKYo8AwcPF8VWTe5zPYp-2BXJUiTUvCQVSsIiSVW65TlH5R6pfNZx0JVX7Pi7yNLtD67iQ251YqsG45lz-S2f_1SomKZcBcXHq-VtMiGZTug8UMH3Qum-WLiDOTpiP3BwuoOcvcxrNLEJIDMlfN4at4n_HL6VUpIPrleeXjZS4trtGlb0J78Xdsz_HKeFLpC3iBCIhGqXEITXiABvGu__HpxKHBowGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3caRDogTxc1xKF81nLudXrIGmIfg%26client%3Dca-pub-2587532934367282%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

63ed430cfe5d47fd872b79b25dff7c69f6367a950604fe72144f6441112188b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=QaQrLnp3O_PuVKGQ-YnbcX-qdOD6567tyQe9LgCXJiRZT4Cqa02xwB4Pa2YYthHIqWybWfUf5N0tl0sEWuAAgVrTng8iEJtdBfCv2-FwsbW0pWig0a445x06crlL8lmJOkfsG9sCOmIqPyCBIAMOJxnf8eUpL9lJjktCr1Rkhl0Nhs_xobD-aw8zlb8gFW0DsBs5y424aALEnsJKbcACyD7u9rEwEeg8ycAIsjx3gee5LK_S2Z3513YFLhvObGrLx_CysQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69485840
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B00 1 KB
646 B 54ms
53ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:00:29 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 22:00:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F5B 0
0 99ms
98ms Fetch
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiI7k6aQbZeu8DdX5xtYP4uquuAWcge-wXLLtt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBK0BT9DGbxzBfzmes7Jx3StiWVpnx6DqYt108BQyw64-OJM0Y2WbWa40tfFN0pCkUau5AVZh4-0kaXAe8qeHXfTK0Qfmj-OJQM9Ty5Ys0uTWfQ2xcFQsYtUDSKuUwoVBSY44fvo-aPSN6-9VC5bEeyA6zvMfo4wkv4qXAZBjGrl17078ax0FNToZqt2Ph480lvSRHK7pVAhrgqUVAUJvplKd_IzQV0cDT4QvwFTy7NCABsnH_frd-O6SF6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjU4NzUzMjkzNDM2NzI4MhgA&sigh=_f1h27YPQFw&uach_m=[UACH]&cid=CAQSPADICaaN4BFeT5klfCf2BSkar6foCCbswYLGkn3TkgnrYkeJor1R07_oy03pVrYJC22muJcoQI580T2J_xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=625037661&adf=1092824165&pi=t.aa~a.1075661085~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2873&idt=1&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280%2C1200x280&nras=4&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Gw50wyItXg&p=https%3A//vox.cc&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 7F5B 0
0 155ms
50ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF836RLAJmALiIp0XAgAAADtk0p4CKrleEOikG2UbZ0pbZTLnzlIOAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRuk6QADXmsE0bzVAAu1YsuM9qA_HXYpdySlyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154409
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame BC6D 105 KB
39 KB 170ms
75ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADXmsE0bzVAAu1YsuM9qA_HXYpdySlyA&u=%7C6SncL92YyKJzSKQUBxUTCsXofn%2F%2BKpJ2FD%2Bj4ld6iQo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT32SY9tZVnMOWRb1GpMbejXspWYmEvKY6MC34VriPOwUn5tGjFKmxx7SUXL5m7kfT42GNF1m-4lBx2eJDJiixYIxCZRwgBic3APiuNGsgy6Cjw1cWYCMVdUs1YfzYP8e346PNyJC-uxlebFTDJJW3sscz4BXxk0_tUYoUqcFIbL3XoaP0Z2goQYY4jCtqk_mT_kj88pg_OU1U00suanFh7THKegmki_uDqvOfipTJA0QACuU8jV-YIJZ7cXIaczyuspXri3drrp-yIOKAAu2zCHj5b0G4os-SxONfr6E--QiGs0DElqtt7IoYbaDhfa3A_ZD-JwaXAboGDO1EkOA_KQ8Gv2x9ucTdcPS7Fr64rUrhKAKuNGiOnTDR91WgE1n9fb64_cf8bfbv7nAvgh5xIi1ES4J_-HaH_tSw_pOG5yZjmO3qM2g1I6pePElhyJR07AdzPv_BYJz2yfybiL8jbbk8Fvkicb8kh8geuGq2yacSsqgnwNWiCp_IQIfs0Z2NpuoGOAIIorpJ4yKC0u4LTOq3ATRunirVFy2TCTrGK2n5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W306aQbZeu8DdX5xtYP4uquuAWcge-wXLLtt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9DGbxzBfzmes7Jx3StiWVpnx6DqYt108BQyw64-OJM0Y2WbWa40tfFN0pCkUau5AVZh4-0kaXAe8qeHXfTK0Qfmj-OJQM9Ty5Ys0uTWfQ2xcFQsYtUDSKuUwoVBSY44fvo-aPSN6-9VC5bEeyA6zvMfo4wkv4qXAZBjGrl17078ax0FNToZqp-Npx3yKx_rlUXWgIRSZQGkDmpmiEpZZ3-q3o69Uag3QZBm1TepAQKABsnH_frd-O6SF6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3anNNuLjYddQ3iFbUcN0Vgbe6gZQ%26client%3Dca-pub-2587532934367282%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

36a8a08c9944d5ae9e44f22f38d3afdae4f2b1d59c1469f52316862b29eca87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=HCjQwnp3O_PuVKGQQ7lkHlQWOlBCWtGSAOfnISJLKoWzmVLsT9BDV9RD2stzNJwaD8WChHVfDVPB1E5buXhV-N7tCSu1najFr78bH6CcR0eptTfmPqckc0CGlzDxVWl-6mHmr7tqigOhGt9AfjZTflKZAM_TzjIzBH4UWow4AQCUaCi5xde-Ffk6iGDAZTIwlrV3MINEA-_-v4FArfxvVFIfEQstcxdogM1zNVfu-meFxuVLMkoXrweQ8knuRN9A1eXAMLiuEzv5dRs4"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 13403199
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9683 1 KB
646 B 57ms
54ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 22:00:29 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 22:00:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1BB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

61ms
61ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
expires: Tue, 03 Oct 2023 05:21:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B69
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

83ms
83ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
expires: Tue, 03 Oct 2023 05:21:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69B2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 959c729c49bf3b04bda7b916fedd302e3bbf10c6f9e248a062297ed216d936c7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6310 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd049f24ef960817b05157d1057990357ba76dc28f2446b2d50f7423e4014770

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6B00 0
174 B 118ms
57ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAbqxfN9F2AC2UkPRCJL_tM&google_cver=1&google_push=AXcoOmQQDrO-m73u8guA3GC5iP--PLSJBO7O-GafgeXf-E25SLVmxy8LAGOAH2QmEhxwmpDouXt18Uqd-0wcbDH8Tm_MD6lj7CEowGI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B00
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGCd-yXi_qZB1vElrBdrL6k&google_cver=1&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXf...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGCd-yXi_qZB1vElrBdrL6k&google_cver=1&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5du...
https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=4c5747b6-ebf5-4ec2-9a5a-ea1e7e1a8375
https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=4c5747b6-ebf5-4ec2-9a5a-ea1e7e1a8375
https://x.bidswitch.net/sync?dsp_id=2&user_id=bed23ece-b61c-4363-97e5-c6a0101b09c6&expires=3&user_group=1&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4&google_hm=TFdHtuv1TsKaWuoefhqD...

170 B
188 B

62ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4&google_hm=TFdHtuv1TsKaWuoefhqDdQ==

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQnwDxKt73UOIHrqUouCzChMrjVzzdU8_1QkM2UoXFDlxy4bc1Z4w_WJFSrkv-gWLIeX2lAOfOaeHz5duVbfdXfXV0y8yEHEr4&google_hm=TFdHtuv1TsKaWuoefhqDdQ==
Date: Tue, 03 Oct 2023 05:21:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B00
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOoD5VmQo6TmIlQFKChW67Q&google_cver=1&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1Mw...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1MwXDluAOeE&google_hm=eS1ETk5SMWNORTJwSHJ...

170 B
232 B

61ms
61ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1MwXDluAOeE&google_hm=eS1ETk5SMWNORTJwSHJGZS5wN3h4eHhRSjdOYkd4VVlSNn5B

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTRnH5qCyhNcbiyHlhOmhIouMFrsodtzC82Zw20z6RrLPN6bUVIFJfYCNdQIkCls3GVJDGtpxM4Ot9h3LHx7JLX1MwXDluAOeE&google_hm=eS1ETk5SMWNORTJwSHJGZS5wN3h4eHhRSjdOYkd4VVlSNn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6B00 43 B
363 B 157ms
49ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQmaC74TkClAdu5tz_Cnp-AbBPCjQIg6AlnL6l2obnns3DW9Qsf9AGFudQ565aR9g_Evg-4eckIrjrFqx2S91-bRqxM46C4_Kw&google_gid=CAESECMPvWCQ73ZlhI_HkX8xUpQ&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 226435
expires: Tue, 03 Oct 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B00
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMUBkns1G3Mghu7WerVaSEc&google_cver=1&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7Lt...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7LtAFqaz84Ag8M-xdFJDGFqh0sB6dcV4Fs5nT2yyR&google_hm...

170 B
329 B

62ms
61ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7LtAFqaz84Ag8M-xdFJDGFqh0sB6dcV4Fs5nT2yyR&google_hm=gblcDWnuTfyL9ZlN5AwVDEU

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRprvVnnA_wMy6Wu2QQCRLrsbp_3YqO-4NzgOrOS_cD8yievvH50sJAsfv7LtAFqaz84Ag8M-xdFJDGFqh0sB6dcV4Fs5nT2yyR&google_hm=gblcDWnuTfyL9ZlN5AwVDEU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B00
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRLwDsGZlpX8BonjDUrX4sBiUcF0yV8JZL_3Kd55zl4ZArftQRAQlwv2wsPQBVzOTPPICxOWDNz97oSHitbE62338EPljXR1DU&google_gid=CAESEGaxzPqtyK...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaxzPqtyK-f-78NynLoGxU&google_hm=T1BVNWE2MjIxZThlMGIwNDIzNzhiZmY2MmQwYzEyMzQzZTE&google_nid=opera_norway_as&google_push=AXcoOmRLwDsG...

170 B
188 B

63ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaxzPqtyK-f-78NynLoGxU&google_hm=T1BVNWE2MjIxZThlMGIwNDIzNzhiZmY2MmQwYzEyMzQzZTE&google_nid=opera_norway_as&google_push=AXcoOmRLwDsGZlpX8BonjDUrX4sBiUcF0yV8JZL_3Kd55zl4ZArftQRAQlwv2wsPQBVzOTPPICxOWDNz97oSHitbE62338EPljXR1DU

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaxzPqtyK-f-78NynLoGxU&google_hm=T1BVNWE2MjIxZThlMGIwNDIzNzhiZmY2MmQwYzEyMzQzZTE&google_nid=opera_norway_as&google_push=AXcoOmRLwDsGZlpX8BonjDUrX4sBiUcF0yV8JZL_3Kd55zl4ZArftQRAQlwv2wsPQBVzOTPPICxOWDNz97oSHitbE62338EPljXR1DU
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 327
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 6B00
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESELxi5CCm6DvYMO3o-tlTIR0?ext-param=AXcoOmRTZ7J0MxaBcWfti_vcZl4y8TkEhdTAumP3csO6jeV0WYe0HieVxlB-ophsDnE1z6elrSAUyC8dZaa8EG7bKfy_UUJPZ-A08zg&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESELxi5CCm6DvYMO3o-tlTIR0?redir-setuniq=1&ext-param=AXcoOmRTZ7J0MxaBcWfti_vcZl4y8TkEhdTAumP3csO6jeV0WYe0HieVxlB-ophsDnE1z6elrSAUyC8dZaa8EG7bKfy_UUJPZ-A08zg&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELxi5CCm6DvYMO3o-tlTIR0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

193ms
193ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 17 Sep 2024 05:21:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B00 0
40 B 175ms
62ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKn7GuzsuMIeqg_SQGEEyuKt2TftR5bjlFa8MPDjCToQ-qjsqogBMPWlB0bvUoiSfyNuTi-IHY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame C6C2 14 KB
1 KB 64ms
64ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 03:34:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame C6C2 2 KB
892 B 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:27:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/ Frame C6C2 23 KB
9 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9131
x-xss-protection: 0
server: cafe
etag: 6297790743806441599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 07:08:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3588 143 B
166 B 60ms
59ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame C6C2 3 KB
1 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 17:26:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/ Frame C6C2 20 KB
8 KB 62ms
61ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 16:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6C2 187 KB
59 KB 62ms
61ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame C6C2 36 KB
15 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 05:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 05:48:15 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9683 35 B
463 B 674ms
97ms Image
image/gif 192.184.69.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMeHrXnYNuMEZFvlsoLOb4s&google_cver=1&google_push=AXcoOmQ2vJXJMNMxB0PZau7CUYg-0iZ31Svcc60CGcKJyI2gCmNNqUel9A8Y4mw5diFcHESWT8Wbpu0GrwlSS9lR3_iUiz7_LK4ViPUQTC3aw1dspdet5O9p4Npm_sg3Tcbszie-enwFbjOTl22Ns3iCPdP8BQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.69.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3RXaW9RV20xUU54UVI1&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFY...

170 B
188 B

63ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3RXaW9RV20xUU54UVI1&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFYcBbpLIP5uQfAJ5SIumGP-eHG9jaVsW5bt58zXHBHaV3kLUdKcIcS7yF90esyY35GOllj5O1DLwvzYPXJ4FkdeU5u8JGA2RVfaCtTXkojMEvo-qd8

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 05:21:45 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-0f8c7dd0aa4e75128@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3RXaW9RV20xUU54UVI1&google_gid=CAESECo6Wzm8RDb7JCMzqaTLSfw&google_cver=1&google_push=AXcoOmRkxFRyAF6McSaeOvJB7YsXr_GrEO3aRXfV_UeotFYcBbpLIP5uQfAJ5SIumGP-eHG9jaVsW5bt58zXHBHaV3kLUdKcIcS7yF90esyY35GOllj5O1DLwvzYPXJ4FkdeU5u8JGA2RVfaCtTXkojMEvo-qd8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGKrwuQq4N9seLD2zHGbwA4&google_cver=1&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAI...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=enGKza-fTpQwOxmsC9gdVA&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAIF63YVK-XfKsEYN5...

170 B
188 B

63ms
63ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=enGKza-fTpQwOxmsC9gdVA&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAIF63YVK-XfKsEYN5pYZ9vkM7M-Ba8X6hoUoaPy_K56NYVzffGg9tzy0i3ognejUtgi6s3fNc

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 05:21:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=enGKza-fTpQwOxmsC9gdVA&google_push=AXcoOmQEvhePWkhDdXvRf5W4MH3vbL6Xrm63Za-5vwK4sECR4L0YQtWVkALkvpsBZwSjFd_k15iIpgN1sgKhyaAIF63YVK-XfKsEYN5pYZ9vkM7M-Ba8X6hoUoaPy_K56NYVzffGg9tzy0i3ognejUtgi6s3fNc
x-host: tde-deliveryengine-production-8b9d7bc7f-rxtz6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOoD5VmQo6TmIlQFKChW67Q&google_cver=1&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI12pIZUjJ48OIxOCKXx6FOVJBTVDzfrV0X_NgLw...

170 B
232 B

62ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI12pIZUjJ48OIxOCKXx6FOVJBTVDzfrV0X_NgLwP_PEXMJTF2XGy3gmeuQZYjOavE&google_hm=eS1Iem5VMFpsRTJwRzIuTG0weHZkNWFpTHQxTHZILmRSdn5B

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSaOmUSOexUSOrGPSkkMJfosNhUYysmvb0K4L5-SYDIBLLMY22GwUPIDPdAo0_WbwQ9S07uMdUean5-43lSDgv0HI12pIZUjJ48OIxOCKXx6FOVJBTVDzfrV0X_NgLwP_PEXMJTF2XGy3gmeuQZYjOavE&google_hm=eS1Iem5VMFpsRTJwRzIuTG0weHZkNWFpTHQxTHZILmRSdn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESECgptVtCL0-LciwBiAyhgEw&google_cver=1&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gE...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gEjJPY-sWvvkaEaLlavsv01jzFSKy...

170 B
188 B

63ms
63ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gEjJPY-sWvvkaEaLlavsv01jzFSKyLeQXx-bZZjOQrst6n5EK955TfGe623lUeblNog&google_hm=NjQyNTEwNDYwMTI5NDIyOTcwOA==

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQ8wmqfiCbbxAqoZSQ55pF67SSBUcegHs4EYdzf5PU-JJnDJJ7FVMOIAT9FKjk92xBwVEPKt3yWVD_afZjgojqV6gEjJPY-sWvvkaEaLlavsv01jzFSKyLeQXx-bZZjOQrst6n5EK955TfGe623lUeblNog&google_hm=NjQyNTEwNDYwMTI5NDIyOTcwOA==
Date: Tue, 03 Oct 2023 05:21:45 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEJ2O4h9PY8ADE4VFqqITpsM&google_cver=1&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyok...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=nKBCszNu2EWvdckn-iTeRg&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyokDifEqaOXuQ...

170 B
188 B

62ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=nKBCszNu2EWvdckn-iTeRg&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyokDifEqaOXuQSbCeDrclFEkkJDjmY6AfR7DsCOngjOXKEmCs-pt5_eyEfwE-PFyQLDCvhwsqpD_

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=nKBCszNu2EWvdckn-iTeRg&google_push=AXcoOmRXipF-E3WLo9d92oV_pAPqLxRtJxlq-eMyTl2D6nFIp4dwdctl0NNZ-sM6jIv8q3fzDdSrAaUqfhpEyokDifEqaOXuQSbCeDrclFEkkJDjmY6AfR7DsCOngjOXKEmCs-pt5_eyEfwE-PFyQLDCvhwsqpD_
Date: Tue, 03 Oct 2023 05:21:45 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9683
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAitVoLkHo45LHVWz5dm_2c&google_cver=1&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg_ziTqnQRbnF7i0mG0K47eayv7hwddrps1o6U5iac5uqXdiO4TmoFrhk_6vpN...

170 B
188 B

62ms
62ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg_ziTqnQRbnF7i0mG0K47eayv7hwddrps1o6U5iac5uqXdiO4TmoFrhk_6vpNRmYo4zqgUprkFvzYr4ALzLQn5jz5wzoj2

Requested by

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: a9549939
date: Tue, 03 Oct 2023 05:21:45 GMT
x-bytefaas-request-id: 2023100305214582E87BD3A71DEA4CC50D
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-55-171-79.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100305214582E87BD3A71DEA4CC50D
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQB3SmjltXTmLnaN78Acv4PeCKEpFykb0UkLuxmnxB44jkLN-aOhSLvIVT1Qsg_ziTqnQRbnF7i0mG0K47eayv7hwddrps1o6U5iac5uqXdiO4TmoFrhk_6vpNRmYo4zqgUprkFvzYr4ALzLQn5jz5wzoj2
x-bytefaas-execution-duration: 3.05
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 12,23.55.171.79
x-tt-trace-host: 01236e8c61610845aa73204c33ed56daf6f54163073f3fc0f59c23d556f9021175b8f078bdf8fb3f1cac89ca4d8f87e08706dee54ab9ee19762c57e7cefd19d7226c618a25c8b99decbff48a187aa2cd7b35a2d7179cce8a17c40532cb94d0c392
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 03 Oct 2023 05:21:45 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9683 0
130 B 65ms
61ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KM7amPr9ZrJ83fbyGDTE4t70jZW8uQQmWpotpzNf0DftQw2Ovu7ga1HgqSAJkW9enfa0xAx2UW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08F0 42 B
174 B 65ms
63ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4AY2aMpp8EU4Fmkm_CJuvrAh3L4wIQOkB-m6zNDjZCnLIMDMUm3MjZSkIQaEdNo1MQHquiN9vHUZB9iGkmsc2IGlOs-Q2pIL2D7iVkyyO9oecucLD7aNH9na69j2JKDVJ_Mryb7MgUA&sai=AMfl-YSN06hh0pJxLkXeCiIYbG8hQIkQkJd7h8VsntKzVcpaZs_CNqfmI2dSXJMuFDuvzfQe0pGs69X118lXu12spnJk42SghMKMQCTlNR7r1BsyBRvcz8NzYXgy4ZMFgxC-Q-GHq_AphygwZQihOw&sig=Cg0ArKJSzLlo1AfM_kGgEAE&cid=CAQSTADICaaNoaV73YG9o1a2jGjhrp9UBuey5kP6pfMwKKAbGrPK5IyTt8RRQPoOtXLKEYC5QioZfB1-Bp0fQEHBu666UFObD07M2VEV5L4YAQ&id=lidar2&mcvt=1067&p=0,220,280,920&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=991895601&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696310503714&rpt=819&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BC6D 2 KB
1 KB 151ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADXmsE0bzVAAu1YsuM9qA_HXYpdySlyA&u=%7C6SncL92YyKJzSKQUBxUTCsXofn%2F%2BKpJ2FD%2Bj4ld6iQo%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT32SY9tZVnMOWRb1GpMbejXspWYmEvKY6MC34VriPOwUn5tGjFKmxx7SUXL5m7kfT42GNF1m-4lBx2eJDJiixYIxCZRwgBic3APiuNGsgy6Cjw1cWYCMVdUs1YfzYP8e346PNyJC-uxlebFTDJJW3sscz4BXxk0_tUYoUqcFIbL3XoaP0Z2goQYY4jCtqk_mT_kj88pg_OU1U00suanFh7THKegmki_uDqvOfipTJA0QACuU8jV-YIJZ7cXIaczyuspXri3drrp-yIOKAAu2zCHj5b0G4os-SxONfr6E--QiGs0DElqtt7IoYbaDhfa3A_ZD-JwaXAboGDO1EkOA_KQ8Gv2x9ucTdcPS7Fr64rUrhKAKuNGiOnTDR91WgE1n9fb64_cf8bfbv7nAvgh5xIi1ES4J_-HaH_tSw_pOG5yZjmO3qM2g1I6pePElhyJR07AdzPv_BYJz2yfybiL8jbbk8Fvkicb8kh8geuGq2yacSsqgnwNWiCp_IQIfs0Z2NpuoGOAIIorpJ4yKC0u4LTOq3ATRunirVFy2TCTrGK2n5&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W306aQbZeu8DdX5xtYP4uquuAWcge-wXLLtt52dAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9DGbxzBfzmes7Jx3StiWVpnx6DqYt108BQyw64-OJM0Y2WbWa40tfFN0pCkUau5AVZh4-0kaXAe8qeHXfTK0Qfmj-OJQM9Ty5Ys0uTWfQ2xcFQsYtUDSKuUwoVBSY44fvo-aPSN6-9VC5bEeyA6zvMfo4wkv4qXAZBjGrl17078ax0FNToZqp-Npx3yKx_rlUXWgIRSZQGkDmpmiEpZZ3-q3o69Uag3QZBm1TepAQKABsnH_frd-O6SF6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3anNNuLjYddQ3iFbUcN0Vgbe6gZQ%26client%3Dca-pub-2587532934367282%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame BC6D 2 KB
1 KB 152ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BC6D 308 B
636 B 88ms
54ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BC6D 293 B
621 B 84ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame BC6D 43 B
348 B 153ms
51ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=sEVEZ6GCShzmOLQz9Dw8IboXfVSA0wfxHUU-CRSKcvZDqAsiM2g-rMWuuFzLXUxDQnBfc0tosl1YE6TFC6F_B_FNf6b83-wb_Axj-g3yaozVTSyN2D6EDlqPgTwH9cbKBGRufTyFzzw-47GYxkypcSCvgK1OZl8OkIjTCqoqTqLrfG31aMTBjxQOq70B-lmpTMRR08UODS_-NElQfXdlz3WOMhAHoM5gBRc-cfpWhIyzfIRXKKa7shlJ7VXwqNTFZ7S68km5tgi9N-prsuyCoZDG-hDdk0BAGYl4aRo8uGWuxrDVSLpHvCV5hOCzIKCFY4rj80_Y3ozOFkjJPQ0PD3MarNyFDjVpQNPSilEBJczmvKT9TQ9vPS-2vg7YS9uSUhSwrk3PU1nXDqcL6A9yt_osD-phWjmbh1I7x8zf86taXG0d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1588605
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7F5B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b552cb60ec0f39b753307576582499fada36182d78849682121f048d1c4f1d52

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BC6D 12 KB
6 KB 126ms
98ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8042 2 KB
1 KB 69ms
55ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZRuk6QADS0QE0bIFAA17dU9q_2sVU5pkozaQKw&u=%7C6SncL92YyKLlPo%2BvbwDL%2B0rZipWvndFFLt8C0onTHR8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3bgp24c8eiT38XY7TXVpZGTt8e31cMXcJ0S1ySGsOKYTdELNuBtDmmUwN3bFkgkC6HkYJY3G78HnSCcT3uvbrEP8_UbeT5G1cM0nxd8ufHtsf_EL8tWfpxFZm4FVxw5kQoBYovl68gkBXce6XzWdnkGT5qodBxUmMRfLPyBAXsL8vr1QPOY4ZjesoiCS5Ijgf18nP-Yx-nJk3zk2221eCr7YtdHDK8D8cS5t0V4f3i31gVrUuUENUbaVL7gHKs30xUbGAP_7DkCW_FfakhtqmoB1QPZdKXNBiMGEjDr8QLFbeoRgWKd0gP--KPPlkclRAMM-GenJMlHtQIAwssj1RqeOYMm9mFdlkO3cR0yLOl3_SroQbSQyfDeWP67v1QpG6GVTUL-CHqHnQQMgr73--kp2D-_vNURIybR0SiSJgpbv2-PprqTFUuch-vi01HIh9LjX6uEg21z1yFMwWwMc-0Bjx6Fw-u6G1FQDC-RI0ehtz141F2W4LrLpwfasYQfMPupvlsmXDs0Xy54dYoAw9aN5LcV3BGeTaCXN2R0ccyrhnR83SOZJtlRK5dds_2Bs7A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC361s6aQbZcSWDYXkxtYP9fa1yAicge-wXIqilqS0AcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBLABT9CwyD5ZNu91LGSMZBFbMlZ5kb-y2RKYo8AwcPF8VWTe5zPYp-2BXJUiTUvCQVSsIiSVW65TlH5R6pfNZx0JVX7Pi7yNLtD67iQ251YqsG45lz-S2f_1SomKZcBcXHq-VtMiGZTug8UMH3Qum-WLiDOTpiP3BwuoOcvcxrNLEJIDMlfN4at4n_HL6VUpIPrleeXjZS4trtGlb0J78Xdsz_HKeFLpC3iBCIhGqXEITXiABvGu__HpxKHBowGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3caRDogTxc1xKF81nLudXrIGmIfg%26client%3Dca-pub-2587532934367282%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 8042 2 KB
1 KB 63ms
50ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8042 308 B
636 B 50ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8042 293 B
621 B 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 8042 43 B
347 B 52ms
52ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=z_YlCCDmaQYaLaCPcU16cv9pJM9c3rcUQrgtNoNNqYTKZWISjloYLmUwzrELhyoZ-AUMmUNsJhyArXUEkFOWpxbn3tbLIV6nbLDDdGJX8Il4-IMVv2UfVbgtSYIlESVAhl9L2xoXlrowJf7rsg0x4ErSe65aK6rYJkU9zPCq_LB-JE4mj_vMRvM5oOEBk-iY1vxWvuThwx7AlyWcrOuOxgbhJRWsq9Q1-GTT4ndG9sTWURXUEMHiXNlOAgqZ0rV6DkkUu6l2TTW3yNgw5aCJFufq-CI5AJ-a7-CxjT9TyIjiz6Wy6verkJJ5vcWkSO9rnwE2UysAK252GFzIHlLQghFKzCI1YR7qR15zIN1N7Q09cVvdbNyUZBHnbTEZ-wX8kwbdggD0vIuc-GaijmBzIlM9t6WTVRwQVE6Rh3cHaHydAUwJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2523394
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6310
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-OmQ56QbZc_uLdbT0_wPhOql-AGthfSnc9ec3L7AENnZHhABIISB1iVgyYaAgNyjxBCgAY_t9LgDyAEDqAMByAPJBKoEsQFP0J0bNZFiR46Okg4ZlRElCAxGnc2pFEbwWywu4WmNwnv0L50...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x929bc16d80eca7a50000000000000000%22,%222%22:%220xaf20e7235ce833590000000000000000%22,%223%22:%220xbdba7e...

0
0

59ms
58ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x929bc16d80eca7a50000000000000000%22,%222%22:%220xaf20e7235ce833590000000000000000%22,%223%22:%220xbdba7e117212fbcc0000000000000000%22,%224%22:%220xacf3b9698ea19b830000000000000000%22,%225%22:%220x2e64363d870682cb0000000000000000%22},%22debug_key%22:%2212951542818275629562%22,%22debug_reporting%22:true,%22destination%22:%22https://hefty.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22924661391%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211118299122017714865%22}&andc=true

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x929bc16d80eca7a50000000000000000","2":"0xaf20e7235ce833590000000000000000","3":"0xbdba7e117212fbcc0000000000000000","4":"0xacf3b9698ea19b830000000000000000","5":"0x2e64363d870682cb0000000000000000"},"debug_key":"12951542818275629562","debug_reporting":true,"destination":"https://hefty.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["924661391"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"11118299122017714865"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 05:21:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x929bc16d80eca7a50000000000000000","2":"0xaf20e7235ce833590000000000000000","3":"0xbdba7e117212fbcc0000000000000000","4":"0xacf3b9698ea19b830000000000000000","5":"0x2e64363d870682cb0000000000000000"},"debug_key":"12951542818275629562","debug_reporting":true,"destination":"https://hefty.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["924661391"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"11118299122017714865"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 65A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1c55254cfe76d28ca7f98734d310a4ee62ccabb2229aa829fbeed12fdbbf01

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame E522 37 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:44:44 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame BC6D 56 KB
56 KB 441ms
92ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=480&rid=4&s=2SjOgYdUky_WbqUAHpHHZxel

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2dcd66064e6fb85ef3efd281f2af4a481f144cdd22f134ec284b03b9a2bcbffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 56902
expires: Sat, 31 Aug 2024 03:03:29 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame BC6D 0
128 B 397ms
50ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=HCjQwnp3O_PuVKGQQ7lkHlQWOlBCWtGSAOfnISJLKoWzmVLsT9BDV9RD2stzNJwaD8WChHVfDVPB1E5buXhV-N7tCSu1najFr78bH6CcR0eptTfmPqckc0CGlzDxVWl-6mHmr7tqigOhGt9AfjZTflKZAM_TzjIzBH4UWow4AQCUaCi5xde-Ffk6iGDAZTIwlrV3MINEA-_-v4FArfxvVFIfEQstcxdogM1zNVfu-meFxuVLMkoXrweQ8knuRN9A1eXAMLiuEzv5dRs4&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BC6D 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BC6D 2 KB
1 KB 49ms
49ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8042 12 KB
5 KB 373ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 940857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnzVGAOtpgDM9cUTKYTO2t%2B5t7f0Szf848ITyrju1jqWJCKkoZRyT39m088icHWuIZvTM65zlggrYZbA3sJwp3dRiXjcqrsL1rcj%2BNjlKbIzchxDcTrphCwffu7xeaagOJt0fUKfyLVvG3Fz0piVA86m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8102be57bab6b3d1-MIA
expires: Sun, 22 Sep 2024 05:21:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8042 12 KB
6 KB 50ms
49ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 61E8 37 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:44:44 GMT

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame B9B6 37 KB
14 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:44:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 65A4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C6_6C56QbZc7uLdbT0_wPhOql-AHk9qL3cp6BubCmDfKzmfCRDhABIISB1iVgyYaAgNyjxBCgAbjdsNgDyAECqAMByAPJBKoErwFP0E_HgMabilm98SZPKcddv-lUeinxAz5gQlz7RLwSpZY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa500cf3bc27707770000000000000000%22,%222%22:%220x5bbc3cd2555314cd0000000000000000%22,%223%22:%220x3e57ca...

0
0

58ms
58ms

Fetch
text/css

172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa500cf3bc27707770000000000000000%22,%222%22:%220x5bbc3cd2555314cd0000000000000000%22,%223%22:%220x3e57cac6770a8ad80000000000000000%22,%224%22:%220x466865efed07c1ff0000000000000000%22,%225%22:%220x3fe425a7f09df8580000000000000000%22},%22debug_key%22:%2216429484960743244828%22,%22debug_reporting%22:true,%22destination%22:%22https://kiltrentalusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990654136%22],%224%22:[%2210-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210126971809560261329%22}&andc=true

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa500cf3bc27707770000000000000000","2":"0x5bbc3cd2555314cd0000000000000000","3":"0x3e57cac6770a8ad80000000000000000","4":"0x466865efed07c1ff0000000000000000","5":"0x3fe425a7f09df8580000000000000000"},"debug_key":"16429484960743244828","debug_reporting":true,"destination":"https://kiltrentalusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990654136"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"10126971809560261329"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 03 Oct 2023 05:21:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 05:21:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa500cf3bc27707770000000000000000","2":"0x5bbc3cd2555314cd0000000000000000","3":"0x3e57cac6770a8ad80000000000000000","4":"0x466865efed07c1ff0000000000000000","5":"0x3fe425a7f09df8580000000000000000"},"debug_key":"16429484960743244828","debug_reporting":true,"destination":"https://kiltrentalusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990654136"],"4":["10-03"],"6":["true"]},"priority":"500","source_event_id":"10126971809560261329"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 61ms
57ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 05:21:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8042 37 KB
37 KB 443ms
164ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=65992&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F65992%2F191115%2F14809c4e7335481daf7bf95a926a1039_metal_logo_1.png&v=3&w=196&rid=4&s=cbM9AtyMMQPOdLIDfuUa2T5Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f97b661f75d2e47fd491feaf543972979283c4b70b9afcfbc5609d6ffff9baa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 37611
expires: Sat, 31 Aug 2024 12:16:25 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8042 5 KB
5 KB 469ms
190ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65992&q=80&r=0&u=https%3A%2F%2Fcdn11.bigcommerce.com%2Fs-3n1nnt5qyw%2Fproducts%2F5189%2Fimages%2F5821%2Falfa-international-on-off-rocker-switch-alfa-model-fw9000-swit-12__75918.1629741723.386.513.jpg%3Fc%3D1&v=3&w=800&rid=4&s=kKV3aQIhQ54869WgM8PWz6g1&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6330531ca8e9a915bee544486a57bb179718017f237abfef918f0455e040d59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4794
expires: Thu, 22 Aug 2024 02:21:06 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8042 3 KB
3 KB 470ms
191ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65992&q=80&r=0&u=https%3A%2F%2Fcdn11.bigcommerce.com%2Fs-3n1nnt5qyw%2Fproducts%2F2746%2Fimages%2F3278%2Fsausage-maker-heavy-duty-gambrel-model-31380-12__43054.1629739673.386.513.jpg%3Fc%3D1&v=3&w=800&rid=4&s=aMYDDY1p2Y-V0QFuNJoFT1KM&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

81912a817094091b3bd5cfabde50c5005a2ccdafcc884502a9b8af9ac762a58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2868
expires: Mon, 02 Sep 2024 13:12:28 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 8042 6 KB
6 KB 442ms
163ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=65992&q=80&r=0&u=https%3A%2F%2Fcdn11.bigcommerce.com%2Fs-3n1nnt5qyw%2Fproducts%2F31267%2Fimages%2F73924%2F33-1301__38116.1686849596.386.513.jpg%3Fc%3D1&v=3&w=800&rid=4&s=U0NFrm2zgOBiJxmaKP64xdG3&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

48517caf1931d977922cd5f66fb9294fd1997f70b09a57370edd811d4cabbd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5862
expires: Sat, 31 Aug 2024 06:04:31 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 8042 0
127 B 329ms
51ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=QaQrLnp3O_PuVKGQ-YnbcX-qdOD6567tyQe9LgCXJiRZT4Cqa02xwB4Pa2YYthHIqWybWfUf5N0tl0sEWuAAgVrTng8iEJtdBfCv2-FwsbW0pWig0a445x06crlL8lmJOkfsG9sCOmIqPyCBIAMOJxnf8eUpL9lJjktCr1Rkhl0Nhs_xobD-aw8zlb8gFW0DsBs5y424aALEnsJKbcACyD7u9rEwEeg8ycAIsjx3gee5LK_S2Z3513YFLhvObGrLx_CysQ&sds=2&rev=88628&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8042 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8042 2 KB
1 KB 53ms
53ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3588
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

63ms
63ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:46 GMT
expires: Tue, 03 Oct 2023 05:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 05:21:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame B21B 37 KB
14 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: vox.cc
URL: https://vox.cc/mi

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 553021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:44:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
57ms Preflight
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 03 Oct 2023 05:21:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 robotoslab-400.css
static.criteo.net/design/googlefont/robotoslab/ Frame 8042 2 KB
848 B 50ms
49ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/robotoslab/robotoslab-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b621b14fc505937604476e1b73db24c53aa52004134ef6b4183dc0e1a400f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:33 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f149-862"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H2 200 nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 8042 2 KB
807 B 53ms
53ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H2 200 nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 8042 2 KB
808 B 51ms
50ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H2 200 robotoslab-400-latin.woff2
static.criteo.net/design/googlefont/robotoslab/ Frame 8042 12 KB
13 KB 200ms
99ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/robotoslab/robotoslab-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/robotoslab/robotoslab-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b078640beeb8bd22d026eee4937c8a3bdc673edd59c15f0a020e74f080f7589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/robotoslab/robotoslab-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:33 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f149-3140"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H2 200 nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 8042 17 KB
17 KB 209ms
108ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-4254"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H2 200 nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 8042 17 KB
17 KB 196ms
108ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-42dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Sep 2024 05:21:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69B2 0
20 B 72ms
71ms Image
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6H7k6aQbZcSWDYXkxtYP9fa1yAicge-wXIqilqS0AcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTI1ODc1MzI5MzQzNjcyODLIAQmoAwHIAwKqBK0BT9CwyD5ZNu91LGSMZBFbMlZ5kb-y2RKYo8AwcPF8VWTe5zPYp-2BXJUiTUvCQVSsIiSVW65TlH5R6pfNZx0JVX7Pi7yNLtD67iQ251YqsG45lz-S2f_1SomKZcBcXHq-VtMiGZTug8UMH3Qum-WLiDOTpiP3BwuoOcvcxrNLEJIDMlfN4at4n7PJycfvnRGf8A7csaIUSXUUYGpy32-oVAKw8ZtXFVSZiUzSkJaABvGu__HpxKHBowGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI1ODc1MzI5MzQzNjcyODIYAA&sigh=JyKKfqEUxiw&uach_m=[UACH]&cid=CAQSPADICaaNAr4TxuQmd3GNY6Ezop2uhNJzFQdR8o_jbvQnSYDt9VNPmvI1Y3RtGjodqJNKCSop_xj40DE-tBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 03 Oct 2023 05:21:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 69B2 0
125 B 51ms
51ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kMGYGM36RLAJmALiIp0XAgAAADtk0p4CKrleEOikG2X9V1E6_nDWhrGOAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZRuk6QADS0QE0bIFAA17dU9q_2sVU5pkozaQKw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:21:45 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 123613
server: Kestrel
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6310 42 B
64 B 65ms
64ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_F7-2WsfithcVC2hpwM_8YeeVKH8KO-oANqAgs_AYTz1hGHaQak8qyeVTIMrMaIGiv9kwV01wr32eNvenigx6mM3Q0jgQ9Y83bc9I3yHjKBVO46ShnvQcqGLN6sxYOs63ZcnkoyAQ17Nl04wDmq4qhwQIvx-su7fEor9dv608YmcyUTjn7GTUDidYXy5y_AbLhbQBeXH-rCar42w4NWCmxz1W61cVqx3fI_fsSzWMoO7ApCVWt8SBJxn9YLpV4IDYFOS2fakv-OAnN9Prj1c-RJo9z-PjPcYIT818uG4qqvNsVJGtFc1IXU4IR3Mu-TWOBKdGPfeeghZl6T-w9uxK6t0n80p1GPnQzL9-UHlpG-1CFSREPyjeHoMNWHxSeYiEkNqZOIL5TxTbLkycsCGBme_cCgBxqPojke13F6GbMvtKmEmVUh3B6Vr-2GR2P_AGZv4XmGt3a459vJzdIrNl6jonuD5KpsfQqnB_IOQD7C7kXeiKVBU6y8EtSPxSygRRKsZmUkNV7qOWAHVIrV3kCDG5NRMzzXyryL9swupoOkbbRqw7nS6JQL8BWUsoBtH47jEKMsDF2kDl4bKlMvb9uONTO2HuhxEUYVzZp1cNegxni2XhTD18ROrL-se9nbVpEVYMyqkZIzozoTomyzlM9M808ftuzfbVYX_U5nBAq-7NjS-QLIaQcHSZcfmdTpPMKkS1wKTChgk6aXuxTSMS85ygloaxJoJ1NMbtY6woCcY9xqx4R7jtqtkaZm-zO_85ZTVqWKGOJO-FZoCEstBiUQySirFJ-KEFdenGdJdBm_4dZc3xK4aEouc-UghZk8NbpwBc1dbwgP8geORZ8hwbxpwlgErPacCpzMOCetUy8CHeYDtInczUTiq6_ZgYz-MPN0nyjK6apFHIUmizcnvwVNXt4N1QJbXv2Ab1waAU7ZTI0GUBNgzCwl9xvw5_AHZ3Ha7cxW25U-fz87BcRPgiNT8sXb9qm3HCVM_WufTrq920nW4HUbOqAArqQ-LHmgyNuv2Du3pt1RoPo8Og0gTRpXlHoJAkeoL7YwAToqHFAabOt_IWaQI1Nm7uV5pHGjhrKXhcO4gZn9gIRjJWGZP_fE6VuhxewC1SRRrPpIwPeZevqZe9yO9hVG8cIsKFJ1osho5hoijktwqjGFw2Y6nbehPgURQitx5TpYK6CL2trp8Xojt_KqP3WHO72Vm64v2mgZHSCV6twq8I0dYhKlFNpW8SGvczHHechnIWUAsIJe2Srpq7XXXSlDomQVVkhRX_fyB0q0QDEH_eCESbvdYU9UD5DY-k_wwZ2sWK7GZ88q1NTeowFmXRKAxyXXm5tPn7prHr5IUR8Ci6n37WZ1I1fqei&sai=AMfl-YQVtYPhfS4gzEOHnWNGn88LgHdXXFrQx_6ltgjgyTLziFHmJrgCWbNk6wgKgbo6_2HAl_c-LzQyOuPyFJPw7imiw5VYh2s3yLJ9ijv1PaLjON-zdYKnOPG1h1oN8qmTfGSIU8N4h4ZY36cg7A9E80lyu1B6gDmsDMU&sig=Cg0ArKJSzFY1hpSQ2n5YEAE&cid=CAQSTADICaaN0QDIEvwYWTvYEGt8UVC2e7AGCrkfQyVe-W30S7mYAHGGSBjzGk1JBSsbbxTKjiAWvyvICcLiWj3upg3NTZiHlk1NcaRZVeIYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=243,865,1000,1164,1164&tos=243,622,135,164,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3105533541&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696310505251&rpt=332&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 65A4 42 B
64 B 64ms
64ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR3pVvWdwuyZjQJiN0nlKs-eoyGNBSwUUzJtLKI4qWThReB5wI4XQc0J0n-7X_qkTjVpfuRp2f8RirR8YEDAmBOTDYMTihsIeVSbRMlGFSuxy-TfeLlqNrYWcouxCMwlQwsLcHaXnWMpk5xxjtcarSnyBxdLTJbx1NcMgXtw&sai=AMfl-YRQBX69HHltBl03g3xjOEUx-qDeW8UHAfuLQMfnZw0mGVd9AGG4A6q2Qn0-T6ydLCg95EPSc98x7hKIElqE-j7Lp0zE94bQVvKLKoWFw3pukbwvK3JuMfNxROTQotxtx3pq3u9Kl1-US60REw&sig=Cg0ArKJSzLpstvp7HbdFEAE&cid=CAQSTADICaaN0QDIEvwYWTvYEGt8UVC2e7AGCrkfQyVe-W30S7mYAHGGSBjzGk1JBSsbbxTKjiAWvyvICcLiWj3upg3NTZiHlk1NcaRZVeIYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3105533544&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696310505250&rpt=481&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 05:21:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL: https://ia.51.la/go1?id=21656823&rt=1696310503401&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1696310503401&tt=Domain%2520Name%2520List%2520%25E2%2580%2593%2520Dong.li&kw=&cu=https%253A%252F%252Fvox.cc%252Fmi&pu=

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vox.cc/	1969-12-31 23:59:59	Name: __tins__21656823 Value: %7B%22sid%22%3A%201696310503401%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201696312303401%7D
vox.cc/	1969-12-31 23:59:59	Name: __51cke__ Value:
vox.cc/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.doubleclick.net/	1970-01-21 00:47:50	Name: IDE Value: AHWqTUnB-kk-oraENaJUf7boj5jadu6A3JpZJ81xSfD-r4OTFs_qnlPQinR-UL7g20o
.vox.cc/	1970-01-21 00:33:26	Name: __gads Value: ID=c05046d019d86b7d:T=1696310503:RT=1696310503:S=ALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q
.vox.cc/	1970-01-21 00:33:26	Name: __gpi Value: UID=00000d96828c205f:T=1696310503:RT=1696310503:S=ALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ
.doubleclick.net/	1970-01-20 15:11:54	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:21:26	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:11:51	Name: test_cookie Value: CheckForPermission
.blismedia.com/	1970-01-20 23:57:30	Name: b Value: 651BA4E99AFF4BD2474EB9E6BLIS
.ctnsnet.com/	1970-01-20 23:57:26	Name: gid_CAESEMUBkns1G3Mghu7WerVaSEc Value: 1
.ctnsnet.com/	1970-01-20 23:57:26	Name: cid_81b95c0d69ee4dfc8bf5994de40c150c Value: 1
.bidswitch.net/	1970-01-20 23:57:26	Name: tuuid Value: 4c5747b6-ebf5-4ec2-9a5a-ea1e7e1a8375
.bidswitch.net/	1970-01-20 23:57:26	Name: c Value: 1696310505
.bidswitch.net/	1970-01-20 23:57:26	Name: tuuid_lu Value: 1696310505
.yahoo.com/	1970-01-20 23:57:48	Name: A3 Value: d=AQABBOmkG2UCEAlv3Qt_6TaSCucagd30o9wFEgEBAQH2HGUlZQAAAAAA_eMAAA&S=AQAAAld7YeDd2T2wbXNPAvOcB4o
.rfihub.com/	1970-01-21 00:33:26	Name: rud Value: H4sIAAAAAAAA_-MSNjMxMjU0MDEzMDSyNDEysjQ3sBDiM9R1ztJNDIrwqch3DysCAOFikrIlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dU4vKAkrcfYx0PVJzix3ynSszEh3LQcAWmsvVh4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjMxMjU0MDEzMDSyNDEysjQ3sBDiM9R1ztJNDIrwqch3DysCAOFikrIlAAAA
.rfihub.com/	1970-01-21 00:33:26	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dU4vKAkrcfYx0PVJzix3ynSszEh3LQ_iNTSzNDM2NDA1MDU3MXvFiMoHAKPXl-E9AAAA
.travelaudience.com/	1970-01-21 00:43:31	Name: _tracker Value: %7B%22UUID%22%3A%227A718ACD-AF9F-4E94-303B-19AC0BD81D54%22%7D
beacon.lynx.cognitivlabs.com/	1970-01-20 23:58:52	Name: UID Value: b342a09c-6e33-45d8-af75-c927fa24de46
beacon.lynx.cognitivlabs.com/	1970-01-20 23:58:52	Name: ss Value: ptfkaC6%2BtH7zVAE4mFqQO%2B3iyynA0cDDVuestxEzzKAYp7GVhzPV%2F5%2FfjlJoEqGFPM3OIGlM4Am3wKcFdhs5lg%3D%3D
.w55c.net/	1970-01-21 00:43:31	Name: wfivefivec Value: KtWioQWm1QNxQR5
.adx.opera.com/	1970-01-20 23:57:26	Name: UID Value: OPU5a6221e8e0b042378bff62d0c12343e1
.w55c.net/	1970-01-20 15:55:02	Name: matchgoogle Value: 5
.pswec.com/	1970-01-21 00:47:50	Name: tuuid Value: bed23ece-b61c-4363-97e5-c6a0101b09c6
.pswec.com/	1970-01-21 00:47:50	Name: c Value: 1696310506
.pswec.com/	1970-01-21 00:47:50	Name: tuuid_lu Value: 1696310506
.quantserve.com/	1970-01-20 17:21:26	Name: d Value: ED4BCQGMKoEA
.quantserve.com/	1970-01-21 00:42:04	Name: mc Value: 651ba4ea-37575-ce525-df77d
.yandex.ru/	1970-01-21 00:47:50	Name: yuidss Value: 7680416341696310506
.yandex.ru/	1970-01-21 00:47:50	Name: yandexuid Value: 7680416341696310506

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2587532934367282&output=html&h=280&adk=873553977&adf=2598968495&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696346505&rafmt=1&to=qs&pwprc=1064502368&format=1200x280&url=https%3A%2F%2Fvox.cc%2Fmi&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696310505163&bpp=1&bdt=2872&idt=-M&shv=r20230928&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc05046d019d86b7d%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MZLccpe9ZpbSQWTUO3kjB_035RK0Q&gpic=UID%3D00000d96828c205f%3AT%3D1696310503%3ART%3D1696310503%3AS%3DALNI_MbdOCwGTxWwiAA9OGNkALZsBGNefQ&prev_fmts=0x0%2C1140x280&nras=3&correlator=4197050320601&frm=20&pv=1&ga_vid=896975654.1696310504&ga_sid=1696310504&ga_hid=850168929&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44803492%2C31078200%2C31078202%2C31078301&oid=2&psts=AOrYGsmyZtpwrmRUQTR80kpdcchGju_TzRsHfqveqYWcrDUEeDshz-zMMs-4U3l4Qh1FtFCleNVXZzUySj4KnYFKZ-uDM_Q8&pvsid=805716137552856&tmod=597764901&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=P4WPvTYnpd&p=https%3A//vox.cc&dtd=6 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
admin.ml
ads.travelaudience.com
ads.us.criteo.com
an.yandex.ru
analytics.pangle-ads.com
beacon.lynx.cognitivlabs.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.us.criteo.net
dis.criteo.com
fonts.googleapis.com
googleads.g.doubleclick.net
ia.51.la
imageproxy.us.criteo.net
ius.ctnsnet.com
js.users.51.la
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.va.us.criteo.com
static.criteo.net
t.adx.opera.com
t.pswec.com
tpc.googlesyndication.com
tr.blismedia.com
vox.cc
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ia.51.la
172.253.115.156
172.253.63.155
184.25.127.143
192.184.69.201
199.38.167.130
2600:1f18:4e9:5a05:d6bf:1e44:3d6f:f3c1
2606:4700:3033::ac43:bdb1
2606:4700:3035::6815:4532
2606:4700::6811:190e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c19::68
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c1d::9d
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2a02:6b8::90
34.96.105.8
35.169.220.23
35.186.193.173
35.190.0.66
35.211.178.172
42.236.74.130
44.215.9.43
52.202.64.188
74.119.119.147
74.119.119.150
82.145.213.8
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
0f9d2a052c7696a8c339d36287b52abaad7e4a9e3a3dbe03b74771cca62ebade
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ee290ba2cbdbfb6ad2f39d50631fbdc59d4f8f1cc022e9f77e233083829078d
232757a70a629d99561209113a151ce105f221949a1b0416058a07014508122c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
2d0494387af5c56ed1325acb496717c5cee136594c7541c0c440c63d8ecd9209
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dcd66064e6fb85ef3efd281f2af4a481f144cdd22f134ec284b03b9a2bcbffe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33eefdbd02580f81ccdf0cf481b07e52ed5bc9e5b814aab76dcac4435d2da608
36a8a08c9944d5ae9e44f22f38d3afdae4f2b1d59c1469f52316862b29eca87e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3d74be06477576d1bc76d3735720121617d1130917f66697188220c8715d9003
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4542ff08e1ba2a0ed00a5cfad08d11576c7defed9058ea6edcbce62346ef2689
48517caf1931d977922cd5f66fb9294fd1997f70b09a57370edd811d4cabbd24
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6330531ca8e9a915bee544486a57bb179718017f237abfef918f0455e040d59a
63ed430cfe5d47fd872b79b25dff7c69f6367a950604fe72144f6441112188b8
6424c6e5f6b1435d7f0d9394a96129b4c68c284d3e10beab9e1e17ec7f03444f
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6b078640beeb8bd22d026eee4937c8a3bdc673edd59c15f0a020e74f080f7589
6b621b14fc505937604476e1b73db24c53aa52004134ef6b4183dc0e1a400f29
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
79e50230d5937574c3bccdd2eb91e36328bfcf0e92e652da39013a54f8a146b6
7c1c55254cfe76d28ca7f98734d310a4ee62ccabb2229aa829fbeed12fdbbf01
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
81912a817094091b3bd5cfabde50c5005a2ccdafcc884502a9b8af9ac762a58e
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
8f24f834e30c99ef6e707e5a2a624a28f1b666e426be392f2b7c517050de2cfa
925d29786f02bbfd40feb46ea64de637f0dfd6dbbd8880c27840c4867d2b1a66
959c729c49bf3b04bda7b916fedd302e3bbf10c6f9e248a062297ed216d936c7
9960d368fc440ca4f61822bd717791b6a446f4b1acea6bda10055ad025d9af4f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8c27162c3ea0ff17f300ebc91b235a5ed019ca4dee56006ed708d6ba880d01
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a2fcf56f3a5815338b809cd7e8b9a80b676bc6ad801f4c9666b3e9c7bdfd4
b552cb60ec0f39b753307576582499fada36182d78849682121f048d1c4f1d52
bd049f24ef960817b05157d1057990357ba76dc28f2446b2d50f7423e4014770
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
d1ccd6343be05009a6a92c9b457cc7b27f06df0fb8deacf4538ce9b70782765c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46191530368e754389370b00669790ab10aac1ecce2334ce93a0b29d5d95117
ed74f924c9115e58823e01bed6a3ca8fe602a57589373394e96f91c7d5d7e383
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c4f1d7bdf164eabd8ea2aa1b62c8fcf212d39c85bbcfebbab4f51765eedf9b
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
f97b661f75d2e47fd491feaf543972979283c4b70b9afcfbc5609d6ffff9baa2

vox.cc Open in urlscan Pro 2606:4700:3035::6815:4532 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

142 Requests

89 %HTTPS

52 %IPv6

26 Domains

35 Subdomains

23 IPs

4 Countries

1665 kBTransfer

4380 kBSize

33 Cookies

3 Outgoing links

Page URL History

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vox.cc Open in urlscan Pro
2606:4700:3035::6815:4532 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

89 %
HTTPS

52 %
IPv6

26
Domains

35
Subdomains

23
IPs

4
Countries

1665 kB
Transfer

4380 kB
Size

33
Cookies

142 HTTP transactions
5 data transactions