www.activetk.jp Open in urlscan Pro
104.21.91.119  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/wXGONnI07V Page URL
2. https://www.activetk.jp/tools/yt-not-well-known Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENugjWoVcQFblwok2jUBm90&google_cver=1

Request Chain 54

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJePA9qE-NLUTK5MT40gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1

Request Chain 55

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEGxPpki02g4I_JIdcAVTkEA&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGxPpki02g4I_JIdcAVTkEA%26google_cver%3D1

Request Chain 56

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D

Request Chain 57

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhU__Y4WYvzJvFTXM6xpDU&google_cver=1

Request Chain 58

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJeGVlBXckQ75293t4.QAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1&google_hm=2

Request Chain 59

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEH0FmkmJJMB_OeaupwMKhRY&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH0FmkmJJMB_OeaupwMKhRY%26google_cver%3D1

Request Chain 60

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D

Request Chain 61

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1

Request Chain 62

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJeOPaWCO5h0RKf-zzpAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1

Request Chain 63

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEIAIGWgy--e3K4ePqAdHbAM&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIAIGWgy--e3K4ePqAdHbAM%26google_cver%3D1

Request Chain 64

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	wXGONnI07V t.co/	297 B 674 B	354ms 126ms	Document text/html	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Full URL https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_p / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,max-age=300 content-encoding gzip content-length 192 content-type text/html; charset=utf-8 date Sat, 21 Oct 2023 03:45:54 GMT expires Sat, 21 Oct 2023 03:50:55 GMT perf 7626143928 server tsa_p strict-transport-security max-age=0 vary Origin x-connection-hash 02733d608efd7dc7dcf7b78a5e23be09d19e23d26b00f77461f234ac7397fa8b x-response-time 16 x-transaction-id b6988dbbe0b30fda x-xss-protection 0
GET H2	200	Primary Request yt-not-well-known Show response www.activetk.jp/tools/	6 KB 3 KB	244ms 81ms	Document text/html	104.21.91.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.activetk.jp/tools/yt-not-well-known Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.91.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f00589553ebc6bb506770f1f7b24e5bae33c3bed0851926e05f7a7f31d11702b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://t.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-origin "https://note.activetk.jp https://bitcoin.activetk.jp" age 2888 alt-svc h3=":443"; ma=86400 cache-control max-age=14400 cf-cache-status HIT cf-ray 819682b4fff96069-YVR content-encoding br content-type text/html; charset=UTF-8 date Sat, 21 Oct 2023 03:45:55 GMT last-modified Sat, 21 Oct 2023 02:57:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51nIzR%2BUnYV0C0ZRLGWhdL3P3VFRaiKzUsL%2FlZjpA2FbdCDUwjcduOoldWeWTkAQ3yBCjFgp%2FMGsCLwhyhl0RKlZXndjRte%2BK8TUfod1DzpAmudlbpkBrneRygk5HWjMId4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options deny x-permitted-cross-domain-policies none x-xss-protection 1; mode=block
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 22 KB	234ms 85ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://www.activetk.jp accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 984 age 2888 cdn-cachedat 06/19/2023 03:09:07 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"04aca1f4cd3ec3c05a75a879f3be75a3" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 158659b836b05ac0b927881e44b36ed1 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 819682b66b7d844a-YVR cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	239 KB 84 KB	446ms 167ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V1CPYP07HP Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 1b18e68f5f3828d6f4a275fc32fdf14c17388b5cf94de17300f74545711440a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85244 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 21 Oct 2023 03:45:56 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	452ms 168ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2939270978924591 Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 538eb8f16da90bacb19deaf91b39467a23c303772441ed7d193a3f12bfabc490 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://www.activetk.jp accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51102 x-xss-protection 0 server cafe etag 653204257366838572 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 21 Oct 2023 03:45:56 GMT
GET H2	200	iframe_tracker.js Show response www.activetk.jp/js/	3 KB 2 KB	82ms 79ms	Script application/javascript	104.21.91.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.activetk.jp/js/iframe_tracker.js Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.91.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a667ccd1d9e1f0c451366b508edca9aef27c9c585def13eff70f4943dcff78f3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://www.activetk.jp/tools/yt-not-well-known User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2888 cf-polished origSize=3186 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 17 Aug 2023 13:54:06 GMT server cloudflare etag W/"c72-6031ebedf7413" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYByNgTS8u9Gb%2FphHEofVyPDvqNdNyEKeQE0qpsw%2F9nTvVkJus0jcEyY61IJo0gshANLA9D7AJWHSXK%2BUz26AOP7lsWRXX1P2xDQHjSmQMg4O%2FQ0aZh0S2xiqvpAEI3RT0w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 819682b78adc6069-YVR expires Sat, 28 Oct 2023 02:57:48 GMT
GET H2	200	ads_hunting-blocker.js Show response www.activetk.jp/js/	1005 B 851 B	84ms 82ms	Script application/javascript	104.21.91.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.activetk.jp/js/ads_hunting-blocker.js Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.91.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash beaa1f81a32fd82f3d56aa14cec1e050f63004daec26f54cc1656295bf22b9ca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://www.activetk.jp/tools/yt-not-well-known User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 346136 cf-polished origSize=1679 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 17 Aug 2023 13:54:03 GMT server cloudflare etag W/"68f-6031ebeaccb1e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzOD6ikkM47ZuDRNfW026HgymY8ZfI68K1eNRq2kOFpj44iR4H2RF0KgV8ED1ya%2FQUEmXmBh4BLkBc4Z5t5fzTp5ficGLnXpPIZvY4M0CGbMaqUVUPLsGJmRj3K1EfTSO%2B0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 819682b78add6069-YVR expires Tue, 24 Oct 2023 03:37:00 GMT
GET H2	200	KonamiCode.min.js Show response www.activetk.jp/js/	36 KB 13 KB	86ms 84ms	Script application/javascript	104.21.91.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.activetk.jp/js/KonamiCode.min.js?v=5 Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.91.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac6d5fd61d090c49d7d7ab3cb16e87b9126386cf21b797c1efb27b61ea92b6f5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://www.activetk.jp/tools/yt-not-well-known User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2888 alt-svc h3=":443"; ma=86400 last-modified Thu, 17 Aug 2023 13:54:08 GMT server cloudflare etag W/"8fcb-6031ebef7af4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v4PTAUWT8%2BS69YxHpfSgIc0PZPnz0iq3ZLPJCE0x9YkMCYWzGne%2FI%2FR4eFfvVgZeihaHXh3P0LE8kxyvdrc1wWpd3wFmer24dLxNVEvf%2FvAKZG1uMbv1ZDoclGThXYA%2BSo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 819682b78adf6069-YVR expires Sat, 28 Oct 2023 02:57:48 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	281ms 129ms	Script text/javascript	104.16.57.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: www.activetk.jp URL: https://www.activetk.jp/tools/yt-not-well-known Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer Origin https://www.activetk.jp accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:56 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 819682b88b662d4e-YVR
POST H2	204	collect www.google-analytics.com/g/	0 254 B	430ms 148ms	Ping text/plain	142.251.163.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-V1CPYP07HP&gtm=45je3ai0&_p=1449628459&cid=262023656.1697859957&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697859956&sct=1&seg=0&dl=https%3A%2F%2Fwww.activetk.jp%2Ftools%2Fyt-not-well-known&dr=https%3A%2F%2Ft.co%2F&dt=YouTube%20%E9%80%86%E9%A0%86%E6%A4%9C%E7%B4%A2%E3%83%84%E3%83%BC%E3%83%AB%20%7C%20ActiveTK.jp&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V1CPYP07HP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f113.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:45:57 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.activetk.jp cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/	394 KB 134 KB	462ms 182ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2939270978924591 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 24885696c288deba996cf085958d867dd52669354661e204df9a427e40663041 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136894 x-xss-protection 0 server cafe etag 9886756285734910637 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 21 Oct 2023 03:45:57 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame 4EA8	10 KB 5 KB	421ms 140ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2939270978924591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 1660 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:18:17 GMT etag 4569948109300706969 expires Sat, 04 Nov 2023 03:18:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	389 B 602 B	433ms 150ms	Script text/javascript	172.253.63.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.activetk.jp&callback=_gfp_s_&client=ca-pub-2939270978924591 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f154.1e100.net Software cafe / Resource Hash 4b67817d2a105de43b4551d25975bd3b6fdfa7e21753725e223fc8d74dff6ecf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 251 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9ECA	508 KB 117 KB	1449ms 1448ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2939270978924591&output=html&adk=1812271804&adf=3025194257&lmt=1697882267&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fwww.activetk.jp%2Ftools%2Fyt-not-well-known&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697859956957&bpp=3&bdt=922&idt=774&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6935629224113&frm=20&pv=2&ga_vid=262023656.1697859957&ga_sid=1697859958&ga_hid=1449628459&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44805113%2C44805533%2C44805681%2C44805919%2C44805932%2C31078301%2C31078965&oid=2&pvsid=3588275462013289&tmod=996181151&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=795 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash c274aa8ff6d205f237e3f469eb3b9a5f4c0090667248468133107192e0049f6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 119644 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:45:59 GMT expires Sat, 21 Oct 2023 03:45:59 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	162ms 162ms	XHR application/json	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 8ff2b03c50bb53eb4a4b3e2cd84755256cf7d298893393fd8a612dae058fdbac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:59 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12221 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/	159 KB 54 KB	173ms 173ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/reactive_library_fy2021.js?bust=31078965 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 31065c5bb3174bbd55f3f173c450558bb83bc25936fa479d67ebdb4d666da10f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55344 x-xss-protection 0 server cafe etag 352341794614498820 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 21 Oct 2023 03:45:59 GMT
POST H3	204	rum Show response www.activetk.jp/cdn-cgi/	0 177 B	82ms 82ms	XHR text/plain	104.21.91.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.activetk.jp/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.91.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.activetk.jp/tools/yt-not-well-known accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 content-type application/json Response headers date Sat, 21 Oct 2023 03:45:59 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.activetk.jp x-frame-options DENY access-control-allow-credentials true cf-ray 819682caab87136a-YVR
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	546ms 258ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:45:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 21 Oct 2023 03:45:59 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 19BE	10 KB 4 KB	142ms 141ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 34837 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 20 Oct 2023 18:05:22 GMT etag 4569948109300706969 expires Fri, 03 Nov 2023 18:05:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 2D34	10 KB 4 KB	142ms 141ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 34837 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 20 Oct 2023 18:05:22 GMT etag 4569948109300706969 expires Fri, 03 Nov 2023 18:05:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 1A05	10 KB 4 KB	154ms 152ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 34837 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 20 Oct 2023 18:05:22 GMT etag 4569948109300706969 expires Fri, 03 Nov 2023 18:05:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame B4AB	10 KB 4 KB	141ms 140ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_fy2021.js?bust=31078965 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 34837 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4480 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 20 Oct 2023 18:05:22 GMT etag 4569948109300706969 expires Fri, 03 Nov 2023 18:05:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 19BE	4 KB 1 KB	480ms 196ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 21 Oct 2023 02:11:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 21 Oct 2023 03:46:00 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 19BE	205 B 650 B	464ms 178ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 13:51:43 GMT x-content-type-options nosniff age 50057 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 19 Oct 2024 13:51:43 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 19BE	604 B 695 B	476ms 190ms	Image image/png	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 13:33:17 GMT x-content-type-options nosniff age 51163 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 19 Oct 2024 13:33:17 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 19BE	15 KB 7 KB	218ms 142ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 18:49:27 GMT content-encoding br x-content-type-options nosniff age 32192 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6582 x-xss-protection 0 server cafe etag 15902073051392820161 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 18:49:27 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 19BE	20 KB 9 KB	226ms 151ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 18:04:13 GMT content-encoding br x-content-type-options nosniff age 34906 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8598 x-xss-protection 0 server cafe etag 10300645532664441910 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 18:04:13 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame DBB9	624 B 246 B	163ms 162ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYsYOBmAEwAQ&v=APEucNWeGd6voK8rceJ2YcjTZZK8Pu60pbiynyYJkayKlBoIhM3Yq3bQgrH6Nyv3M3LzMdgwUiPbBqV7KwIUDGAEyc7RAnpf_g Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:45:59 GMT expires Sat, 21 Oct 2023 03:45:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame B3AB	111 KB 39 KB	666ms 252ms	Script text/javascript	142.251.167.148
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.148 -, , ASN (), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 22:27:25 GMT content-encoding gzip x-content-type-options nosniff age 19115 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 21 Oct 2023 22:27:25 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame B3AB	7 KB 3 KB	140ms 139ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 18:13:54 GMT content-encoding br x-content-type-options nosniff age 34325 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 18:13:54 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame B3AB	23 KB 9 KB	141ms 141ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 15:42:20 GMT content-encoding br x-content-type-options nosniff age 43419 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9137 x-xss-protection 0 server cafe etag 5200559654007170660 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 15:42:20 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B3AB	41 KB 14 KB	216ms 214ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Thu, 19 Oct 2023 18:36:43 GMT content-encoding br x-content-type-options nosniff age 119356 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Oct 2024 18:36:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B3AB	3 KB 1 KB	213ms 212ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:55 GMT content-encoding br x-content-type-options nosniff age 35164 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:55 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B3AB	20 KB 8 KB	240ms 239ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:58 GMT content-encoding br x-content-type-options nosniff age 35161 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8427 x-xss-protection 0 server cafe etag 8504628880869859743 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B3AB	187 KB 59 KB	557ms 144ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Oct 2023 03:46:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B3AB	42 B 63 B	155ms 155ms	Image image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzX2AAVQmD85e8d7tO-XH6UHsB19mY4hq8HYXueIoOjtblOKXIpvLVECe5EOSjHTv5kmhR4Q82go6KWyCtdPMVH1BcTtbKNpgNCWRKxjSONx03ecw Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:45:59 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A9A1	624 B 246 B	163ms 162ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNUiiWbQYioyPWk2dPaVuYyT2wkLCNM9G17D1XljU1-Kr5ZRhKooM2mT5DJ6boYX7QU6Djsm0BSpRaisZZTz5AhbbTwpKA Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:45:59 GMT expires Sat, 21 Oct 2023 03:45:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame B8D2	111 KB 39 KB	513ms 140ms	Script text/javascript	142.251.167.148
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.148 -, , ASN (), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 22:27:25 GMT content-encoding gzip x-content-type-options nosniff age 19115 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 21 Oct 2023 22:27:25 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame B8D2	7 KB 3 KB	140ms 140ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 18:13:54 GMT content-encoding br x-content-type-options nosniff age 34325 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 18:13:54 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame B8D2	23 KB 9 KB	140ms 140ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 15:42:20 GMT content-encoding br x-content-type-options nosniff age 43419 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9137 x-xss-protection 0 server cafe etag 5200559654007170660 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 15:42:20 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B8D2	41 KB 13 KB	291ms 289ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Thu, 19 Oct 2023 18:36:43 GMT content-encoding br x-content-type-options nosniff age 119356 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 18 Oct 2024 18:36:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B8D2	3 KB 1 KB	309ms 308ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:55 GMT content-encoding br x-content-type-options nosniff age 35165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:55 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B8D2	20 KB 8 KB	232ms 231ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:58 GMT content-encoding br x-content-type-options nosniff age 35161 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8427 x-xss-protection 0 server cafe etag 8504628880869859743 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B8D2	187 KB 59 KB	738ms 361ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Oct 2023 03:46:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B8D2	42 B 63 B	155ms 155ms	Image image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BbzC77EeSRWo78dUAEp4fwYnbS8kia8MoIAu_97mMzgWb-VNw9jcpQZz-_vqDb8JOVN7-bDrkoG4x2UGyjtWSYdGZ2EFb-XfPuIAFiDn1OvEla9eE Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:45:59 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A70F	624 B 246 B	164ms 162ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARix6ItjMAE&v=APEucNU5h8jnslPxi3KPbHoTT1cFlfTICS93EtPZEEKsQuvw9gjoJ8JAVY0gEXkyn0aoworZeunD-ggRdacOGnV_OddnZe1YJQ Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:46:00 GMT expires Sat, 21 Oct 2023 03:46:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 70AC	89 KB 31 KB	170ms 169ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:46:00 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 21 Oct 2023 03:46:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 70AC	2 KB 1 KB	563ms 145ms	Script application/javascript	23.12.146.139
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115738&plc=4171534&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jgxSE3_-whz0ATOktkMbUu&DVP_DBM_1=3060631&DVP_DBM_2=11522355&DVP_DBM_3=31753100&DVP_DBM_4=207811633&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1670791550776&turl=https://www.activetk.jp/tools/yt-not-well-known&DVP_PP_BUNDLE_ID=&dvregion=0&unit=160x600 Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.12.146.139 -, , ASN (), Reverse DNS Software UploadServer / Resource Hash 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 03:46:00 GMT Content-Encoding gzip Last-Modified Mon, 02 Oct 2023 09:51:44 GMT Server UploadServer ETag "56f95dec40f6402642b5537aa29ad91c" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 932 Expires Sun, 22 Oct 2023 03:46:00 GMT
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 70AC	9 KB 4 KB	554ms 142ms	Script application/javascript	23.12.146.139
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0jgxSE3_-whz0ATOktkMbUu&DVP_DBM_1=3060631&DVP_DBM_2=11522355&DVP_DBM_3=31753100&DVP_DBM_4=207811633&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1670791550776&turl=https://www.activetk.jp/tools/yt-not-well-known&DVP_PP_BUNDLE_ID= Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.12.146.139 -, , ASN (), Reverse DNS Software UploadServer / Resource Hash b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 03:46:00 GMT Content-Encoding gzip Last-Modified Tue, 17 Oct 2023 12:35:35 GMT Server UploadServer ETag "feed0819b127152e53765dac6c4fa8da" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3638 Expires Sat, 21 Oct 2023 04:01:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 70AC	3 KB 1 KB	286ms 285ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:55 GMT content-encoding br x-content-type-options nosniff age 35165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:55 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 70AC	20 KB 8 KB	289ms 287ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:58 GMT content-encoding br x-content-type-options nosniff age 35162 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8427 x-xss-protection 0 server cafe etag 8504628880869859743 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 70AC	187 KB 59 KB	643ms 290ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Oct 2023 03:46:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 70AC	42 B 63 B	156ms 155ms	Image image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAKcExG9RCIBXwSgH4H1F_ATEDvk2UADw1ux9ffpSIJKC2z52SeYA-9B_TGRza_WQ70NCXMSctZ77O1or-v48HGr8Hhhr_9xD8n-JRxCtzfBQhWdc Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 70AC	0 20 B	155ms 154ms	Image image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14474048192062451893&x=1&ct=77 Requested by Host: t.co URL: https://t.co/wXGONnI07V Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame DBB9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENugjWoVcQFblwok2jUBm90&google_cver=1	43 B 326 B	135ms 134ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENugjWoVcQFblwok2jUBm90&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYsYOBmAEwAQ&v=APEucNWeGd6voK8rceJ2YcjTZZK8Pu60pbiynyYJkayKlBoIhM3Yq3bQgrH6Nyv3M3LzMdgwUiPbBqV7KwIUDGAEyc7RAnpf_g Protocol H2 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdMZMe8FQYyEocidsoyjHnFo0Dne1tyMBySGJASXrBq5pT9Kl6x7FmHXUC7R3yMMHmqT2CKav%2FS5S3%2BrFSsRIwbh7sv2RGQNkBEgBKLaDKYKShXZIFgqaVVczrHeMFFAfbz26v3lywAXNA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d15bc22d9c-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENugjWoVcQFblwok2jUBm90&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame DBB9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJePA9qE-NLUTK5MT40gAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1	43 B 770 B	115ms 114ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYsYOBmAEwAQ&v=APEucNWeGd6voK8rceJ2YcjTZZK8Pu60pbiynyYJkayKlBoIhM3Yq3bQgrH6Nyv3M3LzMdgwUiPbBqV7KwIUDGAEyc7RAnpf_g Protocol H3 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuDsdw6SfoQrUosFhgryjaKF1Tu%2FAR%2BprkTQqf%2BK4coiUI3Oqwir20a9LKDE%2BTKcCJWDeKYUSacEKhsZH%2Buj6ubEbWlrxtU4DnKt0D9ehZ8GmI5XlD5OkCgbFUBrxjv4KFB43fd8dJLNUg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d29e7d8443-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame DBB9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEGxPpki02g4I_JIdcAVTkEA&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGxPpki02g4I_JIdcAVTkEA%26google_cver%3D1	43 B 886 B	148ms 148ms	Image image/gif	68.67.160.132
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGxPpki02g4I_JIdcAVTkEA%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYsYOBmAEwAQ&v=APEucNWeGd6voK8rceJ2YcjTZZK8Pu60pbiynyYJkayKlBoIhM3Yq3bQgrH6Nyv3M3LzMdgwUiPbBqV7KwIUDGAEyc7RAnpf_g Protocol H2 Server 68.67.160.132 -, , ASN (), Reverse DNS Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid 317db496-36aa-4a7d-baab-5650729f08af server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid 7dcf2152-8996-4738-8ae6-afbb71625f5b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGxPpki02g4I_JIdcAVTkEA%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame DBB9 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D	170 B 243 B	154ms 153ms	Image image/png	172.253.63.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYsYOBmAEwAQ&v=APEucNWeGd6voK8rceJ2YcjTZZK8Pu60pbiynyYJkayKlBoIhM3Yq3bQgrH6Nyv3M3LzMdgwUiPbBqV7KwIUDGAEyc7RAnpf_g Protocol H2 Server 172.253.63.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid d0408095-3c42-4426-94cc-a8fedc6b3f9a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame A9A1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhU__Y4WYvzJvFTXM6xpDU&google_cver=1	43 B 525 B	115ms 115ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhU__Y4WYvzJvFTXM6xpDU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNUiiWbQYioyPWk2dPaVuYyT2wkLCNM9G17D1XljU1-Kr5ZRhKooM2mT5DJ6boYX7QU6Djsm0BSpRaisZZTz5AhbbTwpKA Protocol H2 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzDa4pyik9N1OF1z58t9qkMK7tTcmh9QtMSUApkOwHGY1j8HtYs2zSDuuZCHJYjBRlfZkD%2BaLZOcdASAZV%2F37fefiydDL3dzntz0cNCAKrCFf8nlCfjTTBA%2B%2B0ZrFLaTaLYOSabV7VR7TQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d15bbf2d9c-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELhU__Y4WYvzJvFTXM6xpDU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A9A1 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJeGVlBXckQ75293t4.QAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1&google_hm=2	43 B 737 B	115ms 115ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNUiiWbQYioyPWk2dPaVuYyT2wkLCNM9G17D1XljU1-Kr5ZRhKooM2mT5DJ6boYX7QU6Djsm0BSpRaisZZTz5AhbbTwpKA Protocol H3 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qru19vavM%2F3k6GlSn3u1htRHJCM3%2FJOEN0wQibSGw%2B9I%2FJI23VE0opdk7WupaMnzt5%2FGRtcQ3Wmpa6Fivfb9dFmGZbuEEoE3Bc4uq1SCGzakZWje8c0x%2FdDesZoUxOMCSISZLbJ%2BRdpXVg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d29e818443-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame A9A1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEH0FmkmJJMB_OeaupwMKhRY&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH0FmkmJJMB_OeaupwMKhRY%26google_cver%3D1	43 B 893 B	192ms 192ms	Image image/gif	68.67.160.132
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH0FmkmJJMB_OeaupwMKhRY%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNUiiWbQYioyPWk2dPaVuYyT2wkLCNM9G17D1XljU1-Kr5ZRhKooM2mT5DJ6boYX7QU6Djsm0BSpRaisZZTz5AhbbTwpKA Protocol H2 Server 68.67.160.132 -, , ASN (), Reverse DNS Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid e0685bdb-f9f2-4d1f-ab97-1b967e05b971 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid cfbccc32-befc-4254-bae6-89c08abcb8a7 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH0FmkmJJMB_OeaupwMKhRY%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A9A1 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D	170 B 232 B	153ms 153ms	Image image/png	172.253.63.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDOyFUYqtv-lwEwAQ&v=APEucNUiiWbQYioyPWk2dPaVuYyT2wkLCNM9G17D1XljU1-Kr5ZRhKooM2mT5DJ6boYX7QU6Djsm0BSpRaisZZTz5AhbbTwpKA Protocol H2 Server 172.253.63.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid 07a27ffa-bdde-41eb-b24f-bddcaddf1faf server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame A70F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1	43 B 438 B	113ms 113ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARix6ItjMAE&v=APEucNU5h8jnslPxi3KPbHoTT1cFlfTICS93EtPZEEKsQuvw9gjoJ8JAVY0gEXkyn0aoworZeunD-ggRdacOGnV_OddnZe1YJQ Protocol H2 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYVeyCKhyGnBEFkST2PhKoFJSNgn4QK0nuAQbjf4%2BZWSJwJCTVZolAj8WryW%2BWVCGia3OexqF5iia5LdXwYc%2B14A%2BretVZNw1576qokTf7W4BsfX2ydPFBt8f9%2B2lykI7q01qsWECcn8aQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d15bc12d9c-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame A70F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTNJeOPaWCO5h0RKf-zzpAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1	43 B 733 B	118ms 117ms	Image image/gif	104.18.27.193
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARix6ItjMAE&v=APEucNU5h8jnslPxi3KPbHoTT1cFlfTICS93EtPZEEKsQuvw9gjoJ8JAVY0gEXkyn0aoworZeunD-ggRdacOGnV_OddnZe1YJQ Protocol H3 Server 104.18.27.193 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3Rrba72IQEYkYx2LBUFxYpCSNapifqiMc5zqLfe9EnMhb8Jw6sxFSMdzKmGbjCq%2B5bKhQYyuGso7x2ZtFBr%2B5ewUbK9FmMDKpkKHT2UPS4YGCqAJEHO3qzuUJRzNSRzD7Vxrjk2rb%2B0ZA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 819682d29e7f8443-YVR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEhbjzvpTxHOguM_ZNrWwg0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame A70F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEIAIGWgy--e3K4ePqAdHbAM&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIAIGWgy--e3K4ePqAdHbAM%26google_cver%3D1	43 B 893 B	148ms 148ms	Image image/gif	68.67.160.132
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIAIGWgy--e3K4ePqAdHbAM%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARix6ItjMAE&v=APEucNU5h8jnslPxi3KPbHoTT1cFlfTICS93EtPZEEKsQuvw9gjoJ8JAVY0gEXkyn0aoworZeunD-ggRdacOGnV_OddnZe1YJQ Protocol H2 Server 68.67.160.132 -, , ASN (), Reverse DNS Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid c51297cb-28cd-4872-8ce4-a5d64482168d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid 274900c6-dc64-43ad-8a5c-f20b498a8595 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIAIGWgy--e3K4ePqAdHbAM%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A70F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D	170 B 232 B	155ms 154ms	Image image/png	172.253.63.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARix6ItjMAE&v=APEucNU5h8jnslPxi3KPbHoTT1cFlfTICS93EtPZEEKsQuvw9gjoJ8JAVY0gEXkyn0aoworZeunD-ggRdacOGnV_OddnZe1YJQ Protocol H2 Server 172.253.63.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT an-x-request-uuid 157b152e-a9ec-48dd-8369-391e6a06dd70 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjExMzY2OTc5MzU3Njk1NTEzMw%3D%3D x-proxy-origin 176.100.43.24; 176.100.43.24; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 47C7	22 KB 8 KB	147ms 145ms	Document text/html	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 120272 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 18:21:28 GMT expires Fri, 18 Oct 2024 18:21:28 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 70AC	0 20 B	155ms 154ms	Ping image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2899248707484&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 70AC	0 20 B	154ms 154ms	Ping image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2899248707484&version=m202309260101&ct=77&x=1&cor=14474048192062452000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response ad.doubleclick.net/dbm/ Frame 70AC	30 KB 19 KB	462ms 178ms	Script text/javascript	172.253.63.149
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3TQgGNEEfJdlB5qR8mGq1pS7Dp9wwLkpsA-Ew0EskhmNBpkH2nKxBV6SC0VXmuYv67c6prhtLmz3RbXAbfaNNOu7CEVK8VskMJ4QV7lwdEUFm80yhRaQUvQKehxSrRxxEGTx9Zd5XVPgyXfMcQ1q_0MzB8ltk7HzPeBSZCSjLXLt5cWc&cry=1&dbm_d=AKAmf-CIBClivF9sMLuYIr1quFn-On-yfIegtG9inCmGf1Fq-q07tX_fZ_Ra0WHNG9DMWZ3jwaHWR25WC_mZRm_4K9JMSlO9diw2-rFbD8AvgpvpnSoMa5uBiCr7j9nJwYkL3HsN_qybYadpHs46RL__Xq8DS7FuLACStzOYlT-Ggzo-Lbrz7eMI9u-TBZe86x3kI7WzhOxxpCoPukYXBoKz32bqTdI19x4b2cJ5d35YOJXt0R_N-bGqLM6SsnLutHpS66XV-qBM-hVRegsktD5I6DE_GWqv4741Aht2OkdDArlEjZKocXD0gfPD9E74NLW-UhWcdBlX6qeTTA7GrOZacnwPsuEZvkD6w4ACFWsupHzysFGIVD-rMGRyeUrEMSV35y9ce8j5nukoXW6ID54zU4E-YZvJqKTCzocIimeC4v6_9ftQkPzx0dhk-QnxeD1fq_DGJCyYMUPeM5CO3LIDBG6ClGByMpCeXHKOBS66ZYezemw6kSwqof-iczZ1TJlb837W390b_t0DiSkZsZYtdSUQADnFCV9E-HFmeD4p5BpwcAYMj36i8d5f5o_JATsezZRBS9RFS-e6z6Gw3A3aAaNarLt0KirPqR85ZnroqGyVxg4mVXKzv4MFxwWzis3qityWncV87508my8vwisAo6f-u7L3lxkD8AQCFTNiVDc9qwXkfxn_kJ1fPsc2EZVP8Jgqj3TnOfLu8_s7IDcU-aX4TAE36Nwl4-nRWajDznjOpNTEw2t_hDHlk1XkuEIxqr3Gd4WxwnBL7uxPG3JWfs-CxFC0zJBNaBrRRRf67LSvjQQtNl768zB3kjwQ885035zkqbTnggPfMRviOchNq_HWDC4VEA8HWNM37RC5kIJdFaNeBVMGgSXEOeNSaiQaLgYGDd1xuir2XRZL5JP12srgtw20QOKYN17ZETqfjeH6_IjbET8B8aHPFC8OXV1ddKXhPinhKwzswrnEl8egBh7OrR0UtxZ_xaj8DROllKQEulN3YBVfptBuNLgjaQNpe7GzYN07cx9T_r_P2jTFAwnohFXdnsvg_gUwwu04IDcvH4bPg4VFwupYxtzyGDVlRi-hpUIDmzuU3SY-tevzOhV2kucUqOrA1Ky4a-1zo5kyQvIseb0_PqvrjTu_YsNh_nmNn_vvlpOa6P-CVPP1JR5P2k3RQyAtzDUu0QIvdxrlP252xmxPkWjTFXeLk4Gc2wVFh-OGc0JbKVuPJ7HeZW04f4aAL7bl5yaSn_dTLhCUDE8lXyhslq0xOnzOxgaMxIhgZAUKiqpPNC63Tzz2bNnkjxdrxIbuPmeULwp6uWdkdh8XZyFpNrYj1Re4aD_-r1nzPEqsBGDRNpjCYyRMw4H6oX24PnXz5T_TvU6hRgX3bqKS0LGgnGZhl7AiCNWsRajrP36dLdYBIfm44I4ezdFWrfLQZJoU9mzRWd1oAS2_EBu_6s6g3hBQ9OwR0uiWXzUgr2NdBj7koYtnjDXgWiIYQMAYAo4_2wafJYU54TnpJoUr7_0bfVB_-UXS6-7aUMnZrQBMu4CP05gxHVEPFBjOG2gVYrDmUwWfbWPL4bhAdDOHq5R3g83KsujcGhyIixjp_F_TIVF0-2pBx8Vo44SLWavV12otMjlx8sqp6XTc2w1knk8nupRy7lmTJzKEl6VXihTYtAm7K8RaNnVqrcTK5c04vOoRKzFTbYY_o5kSXLl7ClesR9JClCYKf3mJeBRBDQ_9h8sfJnRfi_zuWTeikycqHn3uflC7g3BBiCj7brjTs6zOrtf4UbF7rWcD3sC94mG0mxVz4xrOqK5rUin_clfsud13Q8VX4_0Ekn7jQJN89W2SnKaiMJ4MdRZAoLlrkaNiP46wZjTrxh62HxgB9TPe-xB-YZMQCFlDUZdNrQKDh1nGgHcRd6PTHnW7YnanNRPbTpEDcJB0FKXwRhyO6s_b8w9rY_745LmmnnRBfDDb9C0cp7HN022vhA1Ywriu5Wnsr1HnRhkPOjYLmXTrc_HP3uaa4ZeEWLBg2g1h1vg8ReqZTqsLL38dsdBJJsl_-zj7HWHd33CKV__kzKA6-jyA3AH3cbjdI-cFkgcdRtWd2r_jNg_y2nGWbL0qFF-BvdFrgIlR9r9-tpMaI2Sr8R3-uyyhDatnwctrzEsoInolo5nqXO2OB4Sf8WqzZJQh2OhkkZby2453csbRMaYfRzE4kOAyqTq2HNcSjuGCP2d8zlsZncZlX4WSYKgWUnuQTJ-1eB1XE7wSo6v8GSYFeQE7maT9h2PGL4PhEEDeAD252ZovqoSByOOEGjE5LAX28ssQOl2Pbi3kc8PGZixdHw0VYfmzh8j2GolQVnjMipUwj3dDhtMVd7l5csEGaRdhk7JE5cTLi4zKolc2gFhUaC977YD5tJW8KVme3kQuYl2o5tmcHXGD_u_DTrp5BYKBfrNh5f0led7QOssnAJh1rEDIo_IDBdLfTHTlMHD-f8-pfYGBEZJNckG3tutat-UfQ-4U2mhwFuJJsAnxh52zWl8o_ZNbCbw-AuUIQsyQieXaRpv6mRGhGezRaGfvloxt7TIYX2cy02zvVu0SpdTRWq22Hzk1qdQWzLAjAANYbrcYTaX3jevPJ5wD1bf6RKUBZyt3oEws2WLneqWfa98wWYBrhIsXBtEUYzqy6On5TDUknkzpTH1kWLLW44Iw-BhtMNrLCR75k96AMiVXu7sHwhQH-PKtSTWll0IKHWW8L6JjZOTl_fPJGK2YIeYoCx4TVEOw2QvRdeYrlvnjZCFNBkaZ7JSIrk27osZyehTGmV6mHb_ue4XhZQZbCfbUPs8YqIC1xonJBr1nvcXtBzbPEdgW3Ju9R_S9MOhosgsfm2QtW9OQbwagQu1rvhiLL_rRRyDrQ1g1zvNGjUVP1Olllr1tOIv-pflKwPSooT6p-thtFC_pUT3CB_N_WAiAP_S2DyS0Q-F96wb9XMDI0OoAXQywn6Bel_8w0U526bCbZJh-73ghyzDe2EyYrrE42PK5eZM1r21f8Pib86Y9kdT7inQmf1aVYQLB_vh9WghrseUsRGt5BjLXKKkjnK6OVYRqqvtGnDZe3Z5wzy1_TpKq1UNm24SukafFlAauWhjU4bR25sjhNhzIvivmxNIL-M8psMglRUqvu1LdYlpImyKTyHxLumRlJ5irA4i4QXWF_kpZ1dI2aYTCfqTxQDAn4o9To_ODOG_BsKmFtltVeFpCb4JKjx29gP3Nn4uCPWwnrrvNUMDe_ObY6oo3vpnYJVFyKCh47_DzFfRTtwME6TBkcLSdOhcGqohCcrf4qHHWlMgTSAGd16RcUNMTQehF8mikcoAtExVwnmHiARuC9B8JR09VfThwRfwektIEV7XgRKQyyptz6D-Rhn7xvNEyd4LEA-w_WWmDZllHp0eDKieubK24Rf8r45O9rIIggYbb_x7Rz4ADpHxuY_WcWIWYsN5IO_uH9713rIvMteO7O3QNEiJ9CCeIqhn6fAnb2rLQdCwgKM02DEWRsvfdsaDJIh3zg_wS_iGpQ1Qe3o-gYJqn92-Hp2npJ-OHFk8qHr5xKxDAble1QoEi1pXryJg9ZY7Eet1fMg9trVbvAKVjJM8EcMmuyM5KRsxJw8DVTElulG6_9vn8cyrR8OC-UmpuYJptCNpyDVvH62A8HglTzVCg3EGeVc62stIyeGtsia-PXN5kVFudu3DM7v_hMbmb1WluKYd2eYvNOml5grL-_i5eIjoC8XNoeAJuO7hVVTBsdnkq0bNJygE7IkipvBxupfHoEqOjPdshyn_bWwqM2_j0M9GexA&cid=CAQSSwDICaaNrJp9hPIllW_Fng2sSF3C1c2Ll8AOnSSmNTG2XQLGJdxHNOqC_5c5a_zjmwICy72Y2byA5xzbqHQI6bKlIX2OKJAHFNmDTRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.activetk.jp&ds=l&xdt=1&iif=1&cor=14474048192062452000&adk=1761367587&idt=191&cac=0&dtd=21 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.149 -, , ASN (), Reverse DNS Software cafe / Resource Hash 61eb606aaef5d2659710a0174b980661bb8c35810fb208c80ab578640d341c99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers pragma no-cache date Sat, 21 Oct 2023 03:46:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18374 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60E8	13 KB 5 KB	152ms 150ms	Document text/html	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 120276 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 18:21:24 GMT expires Fri, 18 Oct 2024 18:21:24 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe www.google.com/recaptcha/api2/ Frame 3C92	829 B 0	600ms 155ms	Document text/html	172.253.122.147
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.147 -, , ASN (), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8cK3sUbItLj6KVdcMjebtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-8cK3sUbItLj6KVdcMjebtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 03:46:00 GMT expires Sat, 21 Oct 2023 03:46:00 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET DATA	200 OK	truncated / Frame B8D2	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d8fba99427c97fd848901bff44fd050e7144796e0418337f2478954b6cb64c4c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 78AE	22 KB 8 KB	143ms 141ms	Document text/html	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 120272 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 18:21:28 GMT expires Fri, 18 Oct 2024 18:21:28 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame B4FB	249 B 339 B	153ms 152ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%81%98%E3%82%8B%E9%96%89 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash 0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 21 Oct 2023 03:46:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 21 Oct 2023 03:46:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame B4FB	14 KB 1 KB	153ms 152ms	Stylesheet text/css	172.253.115.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f95.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 21 Oct 2023 01:58:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 21 Oct 2023 03:46:00 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B4FB	2 KB 903 B	142ms 142ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:59 GMT content-encoding br x-content-type-options nosniff age 35161 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 798 x-xss-protection 0 server cafe etag 15713038447858168282 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:59 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame B4FB	23 KB 9 KB	141ms 141ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:55 GMT content-encoding br x-content-type-options nosniff age 35165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9137 x-xss-protection 0 server cafe etag 5200559654007170660 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:55 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame E460	143 B 166 B	143ms 141ms	Document text/html	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 3522 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 21 Oct 2023 02:47:18 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B4FB	3 KB 1 KB	147ms 145ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:55 GMT content-encoding br x-content-type-options nosniff age 35165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:55 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame B4FB	20 KB 8 KB	147ms 145ms	Script text/javascript	142.251.167.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.167.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f132.1e100.net Software cafe / Resource Hash f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 17:59:58 GMT content-encoding br x-content-type-options nosniff age 35162 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8427 x-xss-protection 0 server cafe etag 8504628880869859743 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 03 Nov 2023 17:59:58 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B4FB	187 KB 59 KB	375ms 373ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Sat, 21 Oct 2023 03:46:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Oct 2023 03:46:00 GMT
GET H2	200	ccbada329de78be299cbea1a52c9a584.js Show response www.gstatic.com/mysidia/ Frame B4FB	35 KB 15 KB	143ms 142ms	Script text/javascript	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 13:33:17 GMT content-encoding gzip x-content-type-options nosniff age 51163 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14787 x-xss-protection 0 last-modified Thu, 12 Oct 2023 21:09:27 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 18 Jan 2024 13:33:17 GMT
GET H3	200	fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js Show response pagead2.googlesyndication.com/bg/ Frame 47C7	37 KB 14 KB	141ms 141ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Wed, 18 Oct 2023 00:32:27 GMT content-encoding br x-content-type-options nosniff age 270813 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14583 x-xss-protection 0 last-modified Mon, 16 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Oct 2024 00:32:27 GMT
GET H3	200	kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response pagead2.googlesyndication.com/bg/ Frame 60E8	37 KB 14 KB	140ms 139ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Tue, 17 Oct 2023 18:04:25 GMT content-encoding br x-content-type-options nosniff age 294095 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14703 x-xss-protection 0 last-modified Mon, 16 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 16 Oct 2024 18:04:25 GMT
GET H3	200	fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js Show response pagead2.googlesyndication.com/bg/ Frame 78AE	37 KB 14 KB	140ms 140ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software sffe / Resource Hash 7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Wed, 18 Oct 2023 00:32:27 GMT content-encoding br x-content-type-options nosniff age 270813 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14583 x-xss-protection 0 last-modified Mon, 16 Oct 2023 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Oct 2024 00:32:27 GMT
GET		index.html s0.2mdn.net/sadbundle/5235999255193809361/ Frame 9984	0 0
GET		view googleads4.g.doubleclick.net/pcs/ Frame B8D2	0 0
GET		index.html s0.2mdn.net/sadbundle/11858887509443949933/ Frame A3A9	0 0
GET		view googleads4.g.doubleclick.net/pcs/ Frame B3AB	0 0
GET		abg_lite.js pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 70AC	0 0
GET		Q12zgMmT.js tpc.googlesyndication.com/sodar/ Frame 70AC	0 0
GET		dvbs_src_internal122.js cdn.doubleverify.com/ Frame 70AC	0 0
GET		ui www.google.com/pagead/drt/ Frame E460	0 0
GET		generate_204 tpc.googlesyndication.com/ Frame 60E8	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/5235999255193809361/index.html?ev=01_250

Domain

googleads4.g.doubleclick.net

URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5gwZFDgcMkL1SrDTaBmCrZuN72uTmFVty07qKGbo9vEvWZhBkVucL-Apu-WQPyIHP6jb1hCiIlqLLA1VSxaSZGjenMb_x1w_6NdV34Xwt6X-NCOSePM58818Xo-POMdm56GjswExlEGMu8QWMA297LQr7pBR27Lquvns-gt4K8v0A8tlscc8qN3mTEz20Wo2civKqtsO0u4u7amtYSOfsjmdqzIrb4KyNNYhBJmNBnyNPLv3TIhPwUhMXCoevlBnZMqYi4z3H2bnAQ5QS4LO1YHZ7GW23a3l-Skro2p8JxFCecu7nIggoKX4b_krLMMaAVkPMk-ETnu8zRJqZvDQsBmDPMJBZLOwES4Qs6xN8DiPwCtfk9M6KP2IHPs3NiiCbdAdeBBlt1sTd09BpIg9edkC2i-c9w1BcZ8vvO3W-wsv021DosyZKiWYQTFS5Moah04srRFsTToEmd_nrcx9wge0zXXIRqq_CpeWbvf180SJEdPPGQmQxNaklXf4kXOXv1N45DEn1EPgtjglQvDOL4lE_O7-mdG0VK_4PTjvSzVIDD1eIbQZlN_-z9gQGcaietiwYXUxW0SbiLG4jzGvBufJIPymt936qtAghnmVL-vWpiE9ucusYIWpAXhtKmbpJZAHNv4E3UgaBnI4hj7VEI3eH7OX6PjOWJoDdenef29WvlfZaDrJZYG_z5MVRAB2vHLvxH2NJ4AWUgCR5tjGK9QUp_25JU5sv9aGcGJbyYzajzU886Xq7Ua3flrqThjhFbvuOVdLlyU6DZMD_Rp6R4vz0f0PbtLr58T-miqvaudJysM-HbVsQ06HFibFL3Q70M6y9O8PFm2vTDQRk-FZ8ZjmI3LSfpd0AHBNyJB_SFNKB7nt44_Lgu98UiGR0hL0mly-XidZxParAeq5e9K3NA8WmuV01ivVqlzHy-8yG7o1iMxT-c15haUbbwGxCZxWUAncRJjQWyuKj4aGi2pnf1I8D7p9Yi_-BKXXG-58LSZ8g30nps0E4haOrOOMZjIW1nfdOkfOrSHW40n2v3l51udjUMLbUcKMKfBJEykVzRbxHR03o4EpyWnrRAKK9YBzXznBatDCAYbSIPeV7GY9szEBhPNuK6XnU6y8Z1F7mlic-98ePvsNFtYtzigX8aCne3zbRSrIBbE0mry0bvP6bjPL4FRq6mGiFsPp3TKUxaGoAAFaqrDeH_wwBesOVZ8aCSIaRtxdRr2OLgumKRGWfIEY76E-yyO9kvhnG8G1-uRer4PCA2AKtyLt0TpQBZWL_Uzct-lPWmgTHj9BaIy3WhjyJ&sai=AMfl-YRVzX0rZfrjd2huaE2nXg7m57g9hvlnMYdYGvlq0NVcnrkV_TGYmkzeHrc9GAQaF0MUeJ02n_ZzbkxLpuUN18LOXHYvDzExspB0O5cYJOHvbqi_G7kEWdnObilWXKlyF5IDihRs8DroE4pAXzaBIvLSUA71hdKUBk3hxpfrqXt9cFi2GGl4QTUF41NxhOG8D8RJOIUpchQqQhVRlBQgodi7klq535ZMJZMB1nEL-6XfG8GjmTpHtsup_PmCftOLCU2bfMLro4Ype6naBJWX3ICxL1xemHbwKzjdBLsE4Hzfz_CnBG0YYfX7ia6MLewL-UBvm4rpUTjgfxGLWfX2RTpZxYKWTLPWzwOZR-fSGaQw3dIFlP41NEM3tAIegYEqga3UtfFl29JhxfnTi_V6up2AmEiIff7KzagmChvgs6wnd88aN6feu0H-HbSFtw6WkKE5RxtKaiR8hJwaSjKrOH2GDDe9RWJEOhSEN6U4&sig=Cg0ArKJSzFoStoChcCl3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=660&cbvp=1&cstd=657&cisv=r20231017.42112&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/11858887509443949933/index.html?ev=01_250

Domain

googleads4.g.doubleclick.net

URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTHl5qwE6ISXuilzVs3TRc_FWi79qMrgt0ZhbhcRnAwrScynYSySP0chK3Z-zT-OJgTK7UBcuP90qCvVMGYUxptcoAr386p0s7zOM6uFd-XrPeS-S3U7DFioQ7uY27LPVtkOuuaqZzVmflJg0oJ-imPNZ5ZicHRqF2VVK6x2yXZRsuLcIQkelzj0TVV7JSAztqtVbKqO5vgkUff5NKWwwzWDx5F7BqeBOy8SPV6J2A1YHTVX5knA16Tkxj9f5AMGF-ln4MSw3eI-7bOoSCOzrPYnnJYS6kc5BJo5Rqev6Y-eLMXoueY0v2UllDMfBOFtkBzSyeuuUQ8WzbzHpia84CHnVLqzirop4JfCpfCbPEdnQhvKVej8g6GEHvJfRjUfT5m_wWCXbyZ1cBuWHMExuDL51zpTGXhXDbVbsNw-cCMSIopw4fmKfYvVXkUV9ygcvmZ-pQ3-x15iaggTDsF8peplyaOny3j4kW8C1mCl6iuMUjY0wenmOVV3SnJMfgl4c3AL3LdpN1pu7p49aEl8WkMH276_jNkmqXXq_VxSovB8wJiQNfdy6MqZDV4DuRuxSwLX1DEJ3gWcs8bnkGA_4RP6Jb9RgBreJejcDV94SF6s13B4A4hxovr3yTyZNEjQXSi5S6M6CfwMNMu3L3SJ990oQaaEzjuMbqZCTLAugmGZPD0vCL2oZNxxOzDzmdar8eVKX8wcF7e1uPRtABb41N9r5uIZpumlE0efvOF9xiDElkDHJhJKutptWgKz3r2RDRfeOXeauQ2sjo7j1pmOq_nAenFNGsgu7nHOF6GBfLlagbpH_WJEW6AH24e0w2iiMnWXmH2ACOtSjnGEfsG8eVXEn2szc5Wg7TYAEIH7KlouEQm0xQxk1GQGGsXwj6N-vfE_BzxciYzQL6HI-4ADynkIz_pujeXKNo3b-qT_BE9BXJDSrlumpljr7vY5bLU4Vy8ugkB4qXEYPr1VkMVCksjIvH-ZOCPCfVZG5u5QtQp5ivGVsmmf-Fz8cWaVogJmC5uhUxLZNnnXBE03wRt4TaCyE--u4znU62ya1oIqx7jrkBS2Xj-WytgupkOectvC1dfIY30CDajzNBsGoMYFxDUJsltqJd6YiBcCq73oja3-eTQ8Ai0ARbAiszlzP4YRO8ehYxzr4_EbJaEICtfz1_dI6Gxb3064Ym4mnmJDg_7XYEOHUXuqJ-Q34bsQMVBw2tfmYgS1ZjXilIKlGWhepqW33uBK_S6IPNOIJi-EyvnXxyDXxeFHi1NhOXe5ePLA39zAfXhYeKqbn9U_exJtWETQ&sai=AMfl-YSbCQ5XsCrLauuyccr-_dRlghCjNkuOBb-P7_jviwmkNyLBKMnwTmafsd9stoo9p3saKMPgwfVHP52Tq-2gHsXiNqOoEV0LvAU6az4s7cQnorMpYM2acT5LK3tyR9evQf13indMXg9mQImpNefSynbmuL0m1mE7y8KlLTezNVy3wSerpycvwDxxiR_eJryhYzUC_elKDOV9MBzZXoRCDiiAUlRg4pHbJEqh_tWTmAEvXa8yCGhTuQAuV4-qGGSCDAbfbJOvQ49wvZkDV2it0PyyFYWv8XMhShbgU-anZAKPFWYPKPhjfZCHzAtxVPeEJr4hIjmaoFQDeCAlVXpbXLmw8lJXLOqvuyb2ZUgy6oXJyujLg1vLWKbkeSdzPihlGNumrFJZ0QCPPzGRGkbUUGZCrTOiW6qJwt8QlOmm35qNsRtHpODcm9KcxrLG9qNeQwutAmwjKMgdDSqibJDzTorUI1h5rmQ0VkK1UaA4&sig=Cg0ArKJSzLpMHGrjz7ApEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=805&cbvp=1&cstd=803&cisv=r20231017.65405&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite.js

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Domain

cdn.doubleverify.com

URL

https://cdn.doubleverify.com/dvbs_src_internal122.js

Domain

www.google.com

URL

https://www.google.com/pagead/drt/ui

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/generate_204?fcbKng