xtreview.com Open in urlscan Pro
208.94.245.218 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://xtreview.com/
Submission: On April 01 via api (April 1st 2022, 1:25:51 am UTC) from GB — Scanned from GB

Summary HTTP 144 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 144 HTTP transactions. The main IP is 208.94.245.218, located in United States and belongs to JOESDATACENTER, US. The main domain is xtreview.com.

This is the only time xtreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
61	208.94.245.218 208.94.245.218	19969 (JOESDATAC...) (JOESDATACENTER)
1	2606:4700::68... 2606:4700::6812:517	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 2	65.9.66.29 65.9.66.29	16509 (AMAZON-02) (AMAZON-02)
1	3.225.179.96 3.225.179.96	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
144	19

61 208.94.245.218 (United States)

ASN19969 (JOESDATACENTER, US)

xtreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:517 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-29.fra56.r.cloudfront.net

scripts.chitika.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.179.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-179-96.compute-1.amazonaws.com

xtreview.us.intellitxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnx.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	xtreview.com xtreview.com	462 KB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	697 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	94 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	141 KB
7	tribalfusion.com a.tribalfusion.com — Cisco Umbrella Rank: 800 cdnx.tribalfusion.com — Cisco Umbrella Rank: 9799	69 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	109 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5023	914 B
2	chitika.net 1 redirects scripts.chitika.net	740 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	646 B
1	intellitxt.com xtreview.us.intellitxt.com
1	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 8223	14 KB
0	cpxinteractive.com Failed adserving.cpxinteractive.com Failed
144	15

	Domain	Requested by
61	xtreview.com	xtreview.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com xtreview.com pagead2.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	xtreview.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	a.tribalfusion.com	tags.expo9.exponential.com
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdnx.tribalfusion.com	a.tribalfusion.com xtreview.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	scripts.chitika.net	1 redirects xtreview.com
2	www.google-analytics.com	xtreview.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	xtreview.us.intellitxt.com	xtreview.com
1	tags.expo9.exponential.com	xtreview.com
0	adserving.cpxinteractive.com Failed	xtreview.com
144	19

This site contains links to these domains. Also see Links.

Domain
a.tribalfusion.com
xtonlinegame.com
www.hardwaresecrets.com
www.hexus.net
www.lostcircuits.com
www.pcreview.co.uk
www.silentpcreview.com
www.techspot.com
www.revioo.com
www.storagereview.com
www.hardwareanalysis.com
www.extreme.outervision.com
www.amdzone.com
www.amdboard.com
xbitlabs.com
xsreviews.co.uk
www.virtual-hideout.net
www.tweaknews.net
techgage.com
www.testseek.com
www.techwarelabs.com
www.rbmods.com
www.pcfrags.com
pcextremist.us
www.mvktech.net
www.modders-inc.com
hardwarexl.com
www.overclockercafe.com
www.lanaddict.com
www.hi-techreviews.com
www.hardwarespot.de
www.futurelooks.com
www.hardware-review.net
cyberwizardpit.net
www.extensivemods.com
www.cowcotland.com
www.circuitremix.com
www.pro-clockers.com
www.atruereview.com
aphnetworks.com
benchmarkreviews.com
www.bigbruin.com
www.bioslevel.com
www.bonafidereviews.com
www.boxgods.com
myspace-proxy-best.xtreview.com
world.altavista.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://xtreview.com/
Frame ID: 20D549F3AF162FD8D34B4DEB8F001D0B
Requests: 82 HTTP requests in this frame

Frame: http://a.tribalfusion.com/f.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&pop=only&noAd=1&size=1x1&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=1&adContainerId=richmedia_2&rnd=16261664
Frame ID: A19BA21E0D66CCED8ACC1A137D491940
Requests: 2 HTTP requests in this frame

Frame: http://adserving.cpxinteractive.com/st?ad_type=iframe&ad_size=160x600,120x600&section=187303
Frame ID: 85139A7BB3EFFFB95C543CDBC7458998
Requests: 1 HTTP requests in this frame

Frame: http://adserving.cpxinteractive.com/st?ad_type=iframe&ad_size=160x600&section=2723548
Frame ID: AB0992321F985F0E1B448016A640CC11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=188382957&adf=4078635754&w=336&lmt=1648776343&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343437&bpp=15&bdt=1740&idt=541&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&correlator=4942415356370&frm=20&pv=2&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=I8ejy2wZky&p=http%3A//xtreview.com&dtd=556
Frame ID: 90BF8CC2E409CC1F06A8BE6901DC8D5D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=3885381099&adf=211726879&w=336&lmt=1648776344&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343456&bpp=7&bdt=1759&idt=545&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ol5EC9XyWr&p=http%3A//xtreview.com&dtd=548
Frame ID: 70B30BD3A327988C591FEB2214B8BF8F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=600&slotname=9944585812&adk=1678972621&adf=2592990185&pi=t.ma~as.9944585812&w=160&lmt=1648776344&url=http%3A%2F%2Fxtreview.com%2F&wgl=1&dt=1648776343657&bpp=16&bdt=1961&idt=349&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=4942415356370&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=50&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cpn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=g8qVZ6vgsE&p=http%3A//xtreview.com&dtd=352
Frame ID: 001A848C61384B902C5A71BBE0C516B0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html
Frame ID: A1DDA4BC4CBA7951CC66B40B9DA7D518
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 648A94B571F5C12646A20D9EDD234C7F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EE214429663C41DEA109F46E6B3F8F34
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 76ECA47149E8CD4F82AC04F540437BA6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: BE549DD368E3DD977ADC9BFA47E9AB5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Frame ID: 8FD2C34B49FD23A795BB7DB41CE3DAF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html
Frame ID: 7F12D30C0D357C7FEFF1B7D4673FAB69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&adk=1812271804&adf=3025194257&lmt=1648776348&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=1781651155&format=0x0&url=http%3A%2F%2Fxtreview.com%2F&ea=0&pra=7&wgl=1&dt=1648776348052&bpp=2&bdt=6355&idt=2&shv=r20220329&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5938964514ea294-2257685b69cd0060%3AT%3D1648776344%3ART%3D1648776344%3AS%3DALNI_MbVz0V7vdJh5LqMFIMm1BHECesODQ&prev_fmts=336x280_as%2C336x280_as&prev_slotnames=9944585812&nras=1&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&psts=AGkb-H_7McrpUut9TPv22bngnjTWkof5BNUaitxCCJC_algWooBwssefKpYa2qRGxyrq_c8fFvpDq_CsS_vPYrhbNg%2CAGkb-H_6oYNgHT2ErbBppTXC-hbIK9vRYgEVEvClep8n-sdAZ4o97A3UZka0Abx5ymm2gyrqS3tM_O0fUtgDyA%2CAGkb-H_LQHUtSUcE9Pwxme5O9jY3KuCcR2p_8YMbkhia4D3Xe9kXdiL7G-V7I0O_UymOnDZnNX8SxyFGjPSf6s4&pvsid=2825561529958351&pem=670&tmod=1713133874&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=19
Frame ID: 08A7159AC34E700357AE08C411CBD9F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EF4365C02E495DAA4A8988C8735B8FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 162B583A1E17B64FD3E6828A97DDDF56
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

we are looking for copper coolers on nvidia volta computing accelerators,unofficially about intels plans to release 300-series chipset,

Detected technologies

Chitika (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

scripts\.chitika\.net/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

144
Requests

47 %
HTTPS

78 %
IPv6

15
Domains

19
Subdomains

19
IPs

2
Countries

1600 kB
Transfer

2877 kB
Size

9
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: http://a.tribalfusion.com/hd.click/aImvvvTTQbST3FScQJRravRt7dUVv54r6modeOXEeu4dvZdQsrH2mUHoWXtVWZbhXUf8YrU9XqeMRrJGWUMQTtQ5orFxPbrN1EFy3TUaRWMfb9Fsbt/http://www.stopimpaireddriving.org/

Search URL Search Domain Scan URL

URL: http://a.tribalfusion.com/hd.click/aBmvvvTtQ3orZbxPbrr1EYy5aUl2aMRmaMD1rJfUtMSoArBns7nmHrJ3qZbg5tiN5mvZamUvEYcrQ1c3V0svNpEvQ5UQ2VrnZcUA7TREbQ3UQGhhjZaDZd/http://www.earthshare.org

Search URL Search Domain Scan URL

URL: http://xtonlinegame.com/cat/107/Fighting/p1.htm
Title: online fighting game

Search URL Search Domain Scan URL

URL: http://www.hardwaresecrets.com/
Title: hardwaresecrets

Search URL Search Domain Scan URL

URL: http://www.hexus.net/
Title: hexus

Search URL Search Domain Scan URL

URL: http://www.lostcircuits.com/
Title: lostcircuits

Search URL Search Domain Scan URL

URL: http://www.pcreview.co.uk/
Title: pcreview.co.uk

Search URL Search Domain Scan URL

URL: http://www.silentpcreview.com/
Title: silentpcreview

Search URL Search Domain Scan URL

URL: http://www.techspot.com/
Title: techspot

Search URL Search Domain Scan URL

URL: http://www.revioo.com/
Title: revioo

Search URL Search Domain Scan URL

URL: http://www.storagereview.com/
Title: storagereview

Search URL Search Domain Scan URL

URL: http://www.hardwareanalysis.com/
Title: hardwareanalysis

Search URL Search Domain Scan URL

URL: http://www.extreme.outervision.com/psucalculator.jsp
Title: eXtreme Power Supply Calculator

Search URL Search Domain Scan URL

URL: http://www.amdzone.com/
Title: amdzone

Search URL Search Domain Scan URL

URL: http://www.amdboard.com/
Title: amdboard

Search URL Search Domain Scan URL

URL: http://xbitlabs.com/
Title: xbitlabs

Search URL Search Domain Scan URL

URL: http://xsreviews.co.uk/
Title: XSReviews

Search URL Search Domain Scan URL

URL: http://www.virtual-hideout.net/
Title: Virtual Hideout

Search URL Search Domain Scan URL

URL: http://www.tweaknews.net/
Title: Tweaknews

Search URL Search Domain Scan URL

URL: http://techgage.com/
Title: Techgage

Search URL Search Domain Scan URL

URL: http://www.testseek.com/
Title: Testseek

Search URL Search Domain Scan URL

URL: http://www.techwarelabs.com/
Title: TechwareLabs

Search URL Search Domain Scan URL

URL: http://www.rbmods.com/
Title: R&B Mods

Search URL Search Domain Scan URL

URL: http://www.pcfrags.com/
Title: PCFrags

Search URL Search Domain Scan URL

URL: http://pcextremist.us/
Title: PC Extremist

Search URL Search Domain Scan URL

URL: http://www.mvktech.net/
Title: MVKTech

Search URL Search Domain Scan URL

URL: http://www.modders-inc.com/
Title: Modders-Inc

Search URL Search Domain Scan URL

URL: http://hardwarexl.com/
Title: HardwareXL

Search URL Search Domain Scan URL

URL: http://www.overclockercafe.com/
Title: Overclockercafe

Search URL Search Domain Scan URL

URL: http://www.lanaddict.com/
Title: LAN Addict

Search URL Search Domain Scan URL

URL: http://www.hi-techreviews.com/Joomla/
Title: Hi-Techreviews

Search URL Search Domain Scan URL

URL: http://www.hardwarespot.de/
Title: Hardware Spot (German)

Search URL Search Domain Scan URL

URL: http://www.futurelooks.com/
Title: Futurelooks

Search URL Search Domain Scan URL

URL: http://www.hardware-review.net/html/index.php
Title: Hardware Review

Search URL Search Domain Scan URL

URL: http://cyberwizardpit.net/index.htm
Title: Cyberwizardpit

Search URL Search Domain Scan URL

URL: http://www.extensivemods.com/
Title: Extensive Mods

Search URL Search Domain Scan URL

URL: http://www.cowcotland.com/
Title: Cowcotland (French)

Search URL Search Domain Scan URL

URL: http://www.circuitremix.com/
Title: Circuit Remix

Search URL Search Domain Scan URL

URL: http://www.pro-clockers.com/
Title: pro-clockers

Search URL Search Domain Scan URL

URL: http://www.atruereview.com/
Title: A True Review

Search URL Search Domain Scan URL

URL: http://aphnetworks.com/
Title: APH Networks

Search URL Search Domain Scan URL

URL: http://benchmarkreviews.com/
Title: Benchmark Reviews

Search URL Search Domain Scan URL

URL: http://www.bigbruin.com/index.php
Title: Big Bruin

Search URL Search Domain Scan URL

URL: http://www.bioslevel.com/index.php
Title: Bioslevel

Search URL Search Domain Scan URL

URL: http://www.bonafidereviews.com/index.php
Title: Bonafide Reviews

Search URL Search Domain Scan URL

URL: http://www.boxgods.com/
Title: Box gods

Search URL Search Domain Scan URL

URL: http://myspace-proxy-best.xtreview.com/cgi-bin/proxy.pl
Title: myspace proxy

Search URL Search Domain Scan URL

URL: http://world.altavista.com/babelfish/trurl_pagecontent?url=xtreview.com&lp=en_el

Search URL Search Domain Scan URL

URL: http://world.altavista.com/babelfish/trurl_pagecontent?url=xtreview.com&lp=en_ru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 59

http://scripts.chitika.net/static/linx/chitika_linx.v3.js HTTP 301
https://scripts.chitika.net/static/linx/chitika_linx.v3.js

Request Chain 74

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%20on%20nvidia%20volta%20computing%20accelerators%2Cunofficially%20about%20intels%20plans%20to%20release%20300-series%20chipset%2C&utmhn=xtreview.com&utmhid=2122383646&utmr=-&utmp=/&utmac=UA-345690-1&utmcc=__utma%3D100096983.1893503966.1648776344.1648776344.1648776344.1%3B%2B__utmz%3D100096983.1648776344.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%20on%20nvidia%20volta%20computing%20accelerators%2Cunofficially%20about%20intels%20plans%20to%20release%20300-series%20chipset%2C&utmhn=xtreview.com&utmhid=2122383646&utmr=-&utmp=/&utmac=UA-345690-1&utmcc=__utma%3D100096983.1893503966.1648776344.1648776344.1648776344.1%3B%2B__utmz%3D100096983.1648776344.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

144 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xtreview.com/ 73 KB
16 KB 1467ms
1322ms Document
text/html 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: 634fb86a84dc75338186490456ae73ea6a2d6683453f893cefd6df3513d57bf3

Request headers

Accept-Language: en-GB,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 15824
Content-Type: text/html
Date: Fri, 01 Apr 2022 01:25:46 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.5

GET
H/1.1 200
OK style52.css
xtreview.com/ 3 KB
3 KB 313ms
152ms Stylesheet
text/css 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/style52.css
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 8117e865343d31659f8ef13df8cdf56681044c4177f0fbdee6d0aa7bfecfcbcd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "2000000009d18-a0b-4cd918d00555c"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2571

GET
H/1.1 200
OK test.js Show response
xtreview.com/ 8 KB
9 KB 314ms
152ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/test.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 0ebc53a2985792dc091b60b8e31ac01ffbcf77199d2ba4b0cd046ca0af7ff05b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:05 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "2000000009d11-21b1-4cd918cfa24fb"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 8625

GET
H/1.1 200
OK ajax.js Show response
xtreview.com/js/ 10 KB
10 KB 313ms
151ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/js/ajax.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 38a196c607b31a17dc7a791c5e8f4561a6e71f634ff4171828b78bacd4446f9b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:52:17 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "10000000131d8-267e-4cd91b16c0a65"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 9854

GET
H/1.1 200
OK ajax.js Show response
xtreview.com/ 1 KB
2 KB 315ms
153ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/ajax.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 04af7d4dfe9f3a64ee1c3a992a8d34ac242d62141ff0c2e2ca16152d8bf77a2d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:21 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000b3a0-599-4cd918de2f1f6"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1433

GET
H/1.1 200
OK behavior.js Show response
xtreview.com/js/ 8 KB
8 KB 590ms
162ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/js/behavior.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 527a16e9eb9107010566a1f6e99bbeb20ef148d9d34da8924059b51e09c54788

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:52:17 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "10000000131d6-1fd6-4cd91b16bcd75"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 8150

GET
H/1.1 200
OK rating.js Show response
xtreview.com/js/ 4 KB
4 KB 624ms
164ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/js/rating.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 1d0a77c5c4a6cdc7d55f1527fa3715b4c70c885a597b51db2859ccd69aad305c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:52:17 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "10000000131d3-e25-4cd91b16b9085"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3621

GET
H/1.1 200
OK rating.css
xtreview.com/css/ 2 KB
2 KB 312ms
152ms Stylesheet
text/css 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/css/rating.css
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 1b8aa62b56c66a44e0dab22ea2df6fffdd4ae539c97184eec83719699b93bce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:43:27 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000000f561-8e1-4cd9191dc514b"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2273

GET
H/1.1 200
OK swfobject.js Show response
xtreview.com/ 7 KB
7 KB 767ms
154ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/swfobject.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:47 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "2000000009d16-1ae7-4cd918cfe6ddb"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 6887

GET
H/1.1 200
OK tags.js Show response
tags.expo9.exponential.com/tags/xtreview/ROS/ 59 KB
14 KB 424ms
364ms Script
application/x-javascript 2606:4700::6812:517
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:517 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1a5994affed8c6155233d4530118910b6c57c310bdcf9b4feeb42d4f37c635

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14101
X-Function: 151
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 1
ETag: 16236580805226129354
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600, private
CF-RAY: 6f4d88482c34886b-LHR
Expires: Fri, 01 Apr 2022 02:25:42 GMT

GET
H/1.1 200
OK 1-up-1.jpg
xtreview.com/images/ 740 B
1012 B 312ms
151ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/1-up-1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: d1782bd294eed2bfdd5488d969dd1d8eeee1861bbb47ece21e3707bbea5088ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008c11c-2e4-42ee77a003680"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 740

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 116 KB
40 KB 152ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48dd63d2e4e3fb1b623e6441d5271a21af6a223519ec41213054218a6735931d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 01 Apr 2022 01:25:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1566592691961092484
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40212
X-XSS-Protection: 0
Expires: Fri, 01 Apr 2022 01:25:42 GMT

GET
H/1.1 200
OK imageresizertoday.php
xtreview.com/hardware/ 8 KB
8 KB 319ms
158ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/hardware/imageresizertoday.php?imageurl=../images/amd64-pic1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: ed192b97b3e698814b2c20471b3b037acfeb9d44fbe27c755e833c34f6f5e41e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
Connection: close
X-Powered-By: PHP/5.4.5
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK up-1.jpg
xtreview.com/images/ 740 B
1012 B 296ms
150ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/up-1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: d1782bd294eed2bfdd5488d969dd1d8eeee1861bbb47ece21e3707bbea5088ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:00 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008d709-2e4-42ee779a4a900"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 740

GET
H/1.1 200
OK loader.gif
xtreview.com/ 673 B
944 B 296ms
151ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/loader.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: da3d52bcd3b8b37f714ad9cf407eecd20d0cd10f6797ffead6b8abd7e6f4e03f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:11 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000a039-2a1-4cd918d4e68e5"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 673

GET
H/1.1 200
OK gpuz_stand01.png
xtreview.com/images/ 11 KB
12 KB 294ms
148ms Image
image/png 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/gpuz_stand01.png
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: ef02fe8556b2a2a0c03e5824683ca0dc46b30f297d0cbfddb1a57524ca9f2bca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Fri, 08 Sep 2017 14:19:51 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "5350000001928ac-2d36-558ae4528a0fc"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 11574

GET
H/1.1 200
OK pentium-75-back.GIF
xtreview.com/images/ 10 KB
10 KB 292ms
147ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/pentium-75-back.GIF
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 60436f74af16144cdd9afc83bc6b6fbabb47df4fe42e87fbab38d9ec44bb0181

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Tue, 26 Jun 2007 18:24:40 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008d7b1-26ae-433d33e1c4a00"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 9902

GET
H/1.1 200
OK asrock_0stand1.png
xtreview.com/images/ 10 KB
10 KB 295ms
147ms Image
image/png 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/asrock_0stand1.png
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 83c76c73a6437e6e1b812f3f2f88137fd38d1c36e3edf306df90dbeb720951ca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Fri, 08 Sep 2017 14:19:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "451000000192046-2625-558ae451f1b7b"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 9765

GET
H/1.1 200
OK athlon-2800plus.GIF
xtreview.com/images/ 8 KB
8 KB 277ms
133ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/athlon-2800plus.GIF
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 2cd0a791a2a075e4a16c9eebc7184e96f1c125e4447f7eebc437370cd2053404

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Tue, 26 Jun 2007 18:24:26 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008b20f-20c3-433d33d46aa80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 8387

GET
H/1.1 200
OK dgx_01stand.jpg
xtreview.com/images/ 84 KB
84 KB 260ms
122ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/dgx_01stand.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 5771bca47480fe07b8b7c7c525f51d4316c656799f29519c63ee7986cd1bdcad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Fri, 08 Sep 2017 14:19:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "47a000000191ff4-15077-558ae4517408a"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 86135

GET
H/1.1 200
OK dgx_02stand.jpg
xtreview.com/images/ 56 KB
56 KB 258ms
121ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/dgx_02stand.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: df58b34f9a5f4f2a2ae066226d2c1c794e82d9e6222c68179f44da477f1d53f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Fri, 08 Sep 2017 14:19:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "3e0000000191ff5-dfc6-558ae451a1bca"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 57286

GET
H/1.1 200
OK celeron-766.GIF
xtreview.com/images/ 8 KB
8 KB 444ms
162ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/celeron-766.GIF
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 369598c2bc711246c9ff58115992da1ae8db11a2453debbf95a37be3fb8335af

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Tue, 26 Jun 2007 18:24:28 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000093c5d-1f2e-433d33d652f00"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 7982

GET
H/1.1 200
OK Untitled-stand17.jpg
xtreview.com/images/ 60 KB
60 KB 454ms
153ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/Untitled-stand17.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: fa6a1e4eb1cfb5facf41ea04feae5398d9e9f66f8afaa35515fc215a7475398c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Fri, 08 Sep 2017 14:19:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "3a8000000191ffa-f0cb-558ae451f1b7b"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 61643

GET
H/1.1 200
OK pentium-slot5.GIF
xtreview.com/images/ 9 KB
9 KB 341ms
157ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/pentium-slot5.GIF
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 9a253700895fb01f66b8bef20edb9a5eecf7062f2e886b58a770b4d5130c1d28

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Tue, 26 Jun 2007 18:24:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008b476-2496-433d33eb4e080"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 9366

GET
H/1.1 200
OK imageresizer.php
xtreview.com/chief/ 3 KB
3 KB 462ms
166ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/chief/imageresizer.php?imageurl=../images/amd64-pic1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: 20e4e55a5c901b23162604c338c5bf5f33d788a999ef9eddc8a968f5d8e17f84

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
Connection: close
X-Powered-By: PHP/5.4.5
Content-Length: 3259
Content-Type: image/jpeg

GET
H/1.1 200
OK more.gif
xtreview.com/images/ 230 B
500 B 882ms
161ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/more.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 214ca9b16d9f1d2c6daa23c66d3e108b160423f3d16052bf8c06483cd6780c42

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:08 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008e382-e6-42ee78145c900"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 230

GET
H/1.1 200
OK 7600gt-52.gif
xtreview.com/images/ 2 KB
3 KB 437ms
150ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/7600gt-52.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: de030bfaea70d56dd8d346f30a4630a3bf1ad75402e56818e209abcb8f273f5d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Sat, 12 May 2007 13:36:18 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008bab0-95c-43045f7f8d880"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2396

GET
H/1.1 200
OK premium-badge.gif
xtreview.com/images/ 8 KB
9 KB 689ms
162ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/premium-badge.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 49619bce32727fc30383850bdb6c5a3662aa49e2f882c9f3a1bea9fd34653f3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Mon, 20 Oct 2008 00:24:10 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000088c32-2148-459a45573be80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 8520

GET
H/1.1 200
OK anti-robotic.php
xtreview.com/chief/ 420 B
677 B 725ms
161ms Image
text/html 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/chief/anti-robotic.php?code=cWhoeWxq
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: 74db0296b95a35860592faecabd436433a2fde95792da466182d742ae8be627b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Content-Encoding: gzip
Server: Apache/2.2.19 (Win64) PHP/5.4.5
X-Powered-By: PHP/5.4.5
Vary: Accept-Encoding
Content-Type: text/html
Connection: close
Content-Length: 443

GET
H/1.1 200
OK b-1.gif
xtreview.com/images/ 153 B
423 B 707ms
165ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/b-1.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 40b8901d304e3f1c2952a2a0fdaacd687876b2845217a9676c2a9c3023102302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:42 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008c500-99-42ee77c258780"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 153

GET
H/1.1 200
OK up-2.jpg
xtreview.com/images/ 729 B
1001 B 335ms
159ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/up-2.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: ac9137f25754a7a4379871e5e8b2a65e210268b91778fc0bcc5a0b224c163f47

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:16 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008b936-2d9-42ee781bfdb00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK imageresizertoday.php
xtreview.com/chief/ 11 KB
12 KB 629ms
191ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/chief/imageresizertoday.php?imageurl=../images/Geforce-7900-GTX%20.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: 7c7ce47aaecd041b4277ed548d8598c761aa52d5808d83031bad206c97c4edf2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
Connection: close
X-Powered-By: PHP/5.4.5
Transfer-Encoding: chunked
Content-Type: image/jpeg

GET
H/1.1 200
OK adloggertracker.js Show response
xtreview.com/adlogger/ 2 KB
3 KB 301ms
147ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/adlogger/adloggertracker.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 9ceddde19051b5fc3155fe3f1a422b79fe3c79359abea5772439eb68bd9b7877

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:48 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000e102-994-4cd918f80e475"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2452

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

221ms
75ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 55629
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Thu, 14 Apr 2022 09:58:33 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK banner1.gif
xtreview.com/ 799 B
1 KB 380ms
173ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/banner1.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 9541a908112fc1caabcbff65c9245917abcf03029cd7b7fda4a36df666370ed8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:19 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000b377-31f-4cd918dcb9e13"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 799

GET
H/1.1 200
OK adblock.js Show response
xtreview.com/ 3 KB
3 KB 305ms
148ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/adblock.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 52a556cdcfa9300a0087223d156afeae418e91ea8eb8870a4f99f331de7a326b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:21 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000b3eb-ae0-4cd918de60a26"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 2784

GET
H/1.1 200
OK affiliate.js Show response
xtreview.com/ 3 KB
4 KB 306ms
149ms Script
application/javascript 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/affiliate.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: bceaf1d1783042f22d9bda2c6ef14ac5535c3b6f6ef9e6f36090f6f311add479

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:48 GMT
Last-Modified: Sat, 03 Nov 2012 06:42:21 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "200000000b3a1-cf4-4cd918de3a8c6"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3316

GET
H/1.1 200
OK up-4.jpg
xtreview.com/images/ 1 KB
2 KB 450ms
151ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/up-4.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: ed1dbd7aa158254f0a2cfdf6bcf249d9874d42f312f5129a46ce2f801dd2ebed

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:32 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008968c-4f8-42ee77b8cf100"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1272

GET
H/1.1 200
OK h3_e32006_ChiefIntro1.jpg
xtreview.com/images/ 4 KB
4 KB 450ms
120ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/h3_e32006_ChiefIntro1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 08f9d50ad0d5fbc8a561c5fe941d7b3926e76cea303c7c503bc7e3c932f3fe0f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008d4b6-e65-42ee781274480"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3685

GET
H/1.1 200
OK h3_e32006_ChiefVisor1.jpg
xtreview.com/images/ 3 KB
3 KB 284ms
120ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/h3_e32006_ChiefVisor1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: de69f767f534be54eede207519b817c6725dcc2622d7bb34044a481d9eda3f09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008e5bb-bfc-42ee77a003680"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3068

GET
H/1.1 200
OK h3_e32006_cortana1.jpg
xtreview.com/images/ 3 KB
4 KB 352ms
121ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/h3_e32006_cortana1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 43599597655e42ea0647ca5113be6b62bd2a7e4f999e812b5f29cb7686ad3f7d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:50 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008f381-df0-42ee781274480"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3568

GET
H/1.1 200
OK h3_e32006_structure1.jpg
xtreview.com/images/ 3 KB
3 KB 339ms
124ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/h3_e32006_structure1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: e2b4bde99c224756ce4982bb108d94fe5d022e4c193b024388a0848c1ed5abfc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:28:28 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008edba-c92-42ee77ee36f00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3218

GET
H/1.1 200
OK h3_e32006_WreckageSilhouette1.jpg
xtreview.com/images/ 3 KB
3 KB 269ms
123ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/h3_e32006_WreckageSilhouette1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: a4d044a62500801c76a0993226b0eb4f66e79ec890a5a9268f089b191c16e5e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:28:22 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008f2cd-b55-42ee77e87e180"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 2901

GET
H/1.1 200
OK prey2_10241.jpg
xtreview.com/images/ 4 KB
4 KB 387ms
143ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/prey2_10241.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 927b199505c0e795250b62f213d7d28e22c436b86eb6951e169bc5a3ea73cf1c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:44 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000092ed2-fd3-42ee77c440c00"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 4051

GET
H/1.1 200
OK preyscreen_01xx1.jpg
xtreview.com/images/ 3 KB
4 KB 277ms
141ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/preyscreen_01xx1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: e73df1a11554ad3829934c211ff37223ee37f6e97d42200e338e068980b27071

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:28:26 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008c7e8-d13-42ee77ec4ea80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3347

GET
H/1.1 200
OK preyscreen_02xx1.jpg
xtreview.com/images/ 4 KB
4 KB 374ms
142ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/preyscreen_02xx1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 077babcc5e9702117f8df7f0b52d863a4a958a3b893b7c81bb602f123a087792

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:22 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008fa36-1000-42ee7821b6880"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 4096

GET
H/1.1 200
OK preyscreen_04xx1.jpg
xtreview.com/images/ 3 KB
4 KB 408ms
143ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/preyscreen_04xx1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 5db0c1158297c20dbe5047fce39480487bc75668e59b13555c766c279593d1d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:02 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000009206f-d0f-42ee779c32d80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3343

GET
H/1.1 200
OK preyscreen_14xx1.jpg
xtreview.com/images/ 3 KB
4 KB 303ms
145ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/preyscreen_14xx1.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 7df7f48fbe9766bb1e6f0b943e31ef813930c5c8bcd3bd06dc8f90df439eaa19

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:12 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008d5bf-dce-42ee77a5bc400"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 3534

GET
H/1.1 200
OK -image.jpg
xtreview.com/images/todayimages/ 16 KB
17 KB 435ms
146ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/todayimages/-image.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 42d0018ba2e746b7d106bfd411058d0fbea42fbd726394ca0fe8c5b64743abc9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:29:18 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "10000000941fd-414e-42ee781de5f80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 16718

GET
H/1.1 200
OK de-t.gif
xtreview.com/images/flag/ 1 KB
1 KB 301ms
145ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/de-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 0d66d9d4234bf852784c8226ca9e4aed3fe1146fd3486655d2df93b54168f379

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094720-40d-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1037

GET
H/1.1 200
OK es_lang.gif
xtreview.com/images/flag/ 1 KB
1 KB 398ms
143ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/es_lang.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 48435da4fa79f74a2f884ed41e0eaeab8112336d103b35940a0d146c78fa94c4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094728-491-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1169

GET
H/1.1 200
OK fr-t.gif
xtreview.com/images/flag/ 230 B
500 B 412ms
141ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/fr-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: d286e9ee5920059b157e7b835fcc6d2602803fd50c4d21209296ba09888bbfa3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000009471f-e6-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 230

GET
H/1.1 200
OK it_lang.gif
xtreview.com/images/flag/ 254 B
524 B 302ms
141ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/it_lang.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 06f72054848326e726ef8fb84f04e1f84d9997a7da189da6388153fbc11c9000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094725-fe-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK portural.png
xtreview.com/images/flag/ 930 B
1 KB 308ms
142ms Image
image/png 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/portural.png
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: a7fa7f6c710d844e6c39ecddde21a7b9d017a38cf351ea348aa2789a0391fbba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:51 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094722-3a2-42ee7792a9700"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 930

GET
H/1.1 200
OK gr-t.gif
xtreview.com/images/flag/ 255 B
525 B 396ms
147ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/gr-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: f5af0e0be791ace7f04e6d503b5314eced536d8d9fd4321dccabc7a02f539af6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094721-ff-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 255

GET
H/1.1 200
OK japan-t.gif
xtreview.com/images/flag/ 1 KB
2 KB 420ms
151ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/japan-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 26f528645781d15ab4b1e1dec8c4fdd71f48abafbd297f48d329b95c1742b1fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000009472c-584-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1412

GET
H/1.1 200
OK korea_unification-t.gif
xtreview.com/images/flag/ 1 KB
1 KB 310ms
147ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/korea_unification-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: b1d820e868e7bdb2a4a1a2942c69f8b103ab231566685107783dc261e63575b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000009471e-4e0-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1248

GET
H/1.1 200
OK rusian.png
xtreview.com/images/flag/ 292 B
563 B 313ms
144ms Image
image/png 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/rusian.png
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: cb598e79795279628d185f6abe227de3a44cffaf5afdf8352e11f8760459f8d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094727-124-42ee7792a9700"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 292

GET
H/1.1 200
OK ch-t.gif
xtreview.com/images/flag/ 921 B
1 KB 420ms
162ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/ch-t.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 883a6ffb2d970fe19a2653d496b3cf65deef2e6e8e655a697959771a9b7d2dc7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "1000000094729-399-42ee7792a9700"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 921

GET
H/1.1 200
OK ar.jpg
xtreview.com/images/flag/ 599 B
871 B 316ms
161ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/flag/ar.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 79bd5bd4e163ee1dcd445500abecceaff7916e41060cc21fdb62ccbd1f14385d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:26:52 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000009472a-257-42ee7792a9700"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 599

GET
H2

200

chitika_linx.v3.js Show response
scripts.chitika.net/static/linx/
Redirect Chain

http://scripts.chitika.net/static/linx/chitika_linx.v3.js
https://scripts.chitika.net/static/linx/chitika_linx.v3.js

0
308 B

214ms
67ms

Script
application/x-javascript

65.9.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.chitika.net/static/linx/chitika_linx.v3.js
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: H2
Server: 65.9.66.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-29.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:45 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Tue, 07 Mar 2017 19:35:16 GMT
server: AmazonS3
age: 55738
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: FRA56-C1
content-length: 0
x-amz-cf-id: _ZtdcrT0Zzw5sxHiIKfRGTGxHkIRmt9Htdxkth4lTsdTmK-52a3fCw==

Redirect headers

Date: Fri, 01 Apr 2022 01:25:42 GMT
Via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://scripts.chitika.net/static/linx/chitika_linx.v3.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 2uVSA-xwopJRQ0u3ajCNrWHVBeOeXqGN6R4RunWEmdR_8df0-lQgpQ==

GET
H/1.1 503
Service Temporarily Unavailable front.asp
xtreview.us.intellitxt.com/intellitxt/ 0
0 263ms
125ms Script
text/html 3.225.179.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.us.intellitxt.com/intellitxt/front.asp?ipid=5659
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 3.225.179.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-179-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H/1.1 200
OK displayAd.js Show response
a.tribalfusion.com/ 677 B
1 KB 258ms
196ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/displayAd.js?dver=0.9&th=10113555316
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29862a92c7c22642477e73c8fba31f92367afda4e591dffab3c89fc37a044fbc

Request headers

Referer: http://xtreview.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 330
X-Function: 153
Last-Modified: Wed, 11 Aug 2021 04:08:51 GMT
Server: cloudflare
X-Reuse-Index: 2
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private
CF-RAY: 6f4d884efe5071fe-LHR
Expires: Thu, 30 Jun 2022 01:25:42 GMT

GET
H/1.1 200
OK f.ad Show response
a.tribalfusion.com/ Frame A19B 456 B
1 KB 319ms
319ms Document
text/html 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/f.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&pop=only&noAd=1&size=1x1&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=1&adContainerId=richmedia_2&rnd=16261664
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f07a5e050d031cffc853f837f64c508f04bde9328456b71ec20b74dfeaa011

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 6f4d88503f4871fe-LHR
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Apr 2022 01:25:43 GMT
Expires: 0
P3P: CP="NOI DEVo TAIa OUR BUS"
Pragma: no-cache
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Function: 101
X-Reuse-Index: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 336 B
1 KB 363ms
312ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=3&adContainerId=richmedia_4&rnd=16268572
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28398cf9b20658ab4a9ddc83b61e45508631e9d97424d28c42c9733ec48c6985

Request headers

Referer: http://xtreview.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 285
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 6f4d88509e93e690-LHR
Expires: 0

GET
H/1.1 200
OK 12.gif
cdnx.tribalfusion.com/media/ Frame A19B 9 KB
9 KB 56ms
34ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/12.gif
Requested by: Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/f.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&pop=only&noAd=1&size=1x1&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=1&adContainerId=richmedia_2&rnd=16261664
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48bf1d0eee3dac39c5999282f0c273a37770ef4a27a280145b4ffc641284efc9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://a.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
CF-Cache-Status: HIT
Age: 10646
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9127
X-Function: 301
Last-Modified: Mon, 06 Jan 2003 03:18:54 GMT
Server: cloudflare
ETag: 1041823134
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 6f4d88527d47745f-LHR
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK 13.gif
cdnx.tribalfusion.com/media/ 20 KB
20 KB 54ms
30ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/13.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4918ed243df0b503f46bd4553b397e4417c8e803d5fd88747a67653e6a34f7c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
CF-Cache-Status: HIT
Age: 12647
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 20361
X-Function: 301
Last-Modified: Tue, 16 Jan 2007 07:13:22 GMT
Server: cloudflare
ETag: 1168931602
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 6f4d8852accb778f-LHR
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 297 KB
107 KB 302ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2021.js?client=pub-6621075760612267&plah=xtreview.com&bust=31065972

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e83ebe6e1ca67fa04d8b3d6791d481a8bf69c548f13da6712075daf3210281c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108946
x-xss-protection: 0
server: cafe
etag: 9415660748087758822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 01:25:43 GMT

GET
H/1.1 200
OK starrating.gif
xtreview.com/images/ 2 KB
2 KB 437ms
147ms Image
image/gif 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/starrating.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/css/rating.css
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: d225995627ef1c1a0fa44def1901a9708be87e2b8693c35e8650a72bfc65001f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/css/rating.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:49 GMT
Last-Modified: Mon, 12 Jan 2009 23:14:06 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008bfa3-86b-460514362ab80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 2155

GET
H/1.1 200
OK j.ad Show response
a.tribalfusion.com/ 330 B
1 KB 176ms
176ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=160x600,120x600&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=5&adContainerId=richmedia_6&rnd=16265942
Requested by: Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be08472eddf6c8e20ea27c10c9a5f30c034ef90d5de99e95aa1c92c336ac0bb

Request headers

Referer: http://xtreview.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 281
Pragma: no-cache
X-Function: 101
Server: cloudflare
X-Reuse-Index: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, proxy-revalidate
CF-RAY: 6f4d8852cfa1e690-LHR
Expires: 0

GET
H/1.1 200
OK 4.gif
cdnx.tribalfusion.com/media/ 34 KB
35 KB 54ms
54ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdnx.tribalfusion.com/media/4.gif
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cecb445c04784e50ce1cfe4773eac663d35b2fd93630fc460903065b036e559b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:43 GMT
CF-Cache-Status: HIT
Age: 61135
P3P: CP="NOI DEVo TAIa OUR BUS"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35115
X-Function: 301
Last-Modified: Sun, 30 Dec 2001 22:51:56 GMT
Server: cloudflare
ETag: 1009752716
Vary: Accept-Encoding
Content-Type: image/gif; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public
Accept-Ranges: bytes
CF-RAY: 6f4d8853edfe778f-LHR
Expires: Tue, 31 Dec 2030 00:00:00 GMT

GET
H/1.1 200
OK back-1k.jpg
xtreview.com/images/ 6 KB
6 KB 389ms
160ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/back-1k.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 1077ed4645c7a2221009ec67803d106f0f64ded8508028f718bf83702f890421

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:27:40 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008d681-1709-42ee77c070300"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 5897

GET
H/1.1 200
OK back-51.jpg
xtreview.com/images/ 11 KB
11 KB 758ms
604ms Image
image/jpeg 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtreview.com/images/back-51.jpg
Requested by: Host: xtreview.com
URL: http://xtreview.com/
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 /
Resource Hash: 8420853822351308069e4df94dc2d6cddf5e907fbdce7bf79b3da1c69cee7af8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 01:25:52 GMT
Last-Modified: Wed, 25 Apr 2007 03:28:58 GMT
Server: Apache/2.2.19 (Win64) PHP/5.4.5
ETag: "100000008f285-2ac2-42ee780ad3280"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 10946

GET st
adserving.cpxinteractive.com/ Frame 8513 0
0

GET st
adserving.cpxinteractive.com/ Frame AB09 0
0

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%20...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%2...

35 B
194 B

72ms
71ms

Image
image/gif

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%20on%20nvidia%20volta%20computing%20accelerators%2Cunofficially%20about%20intels%20plans%20to%20release%20300-series%20chipset%2C&utmhn=xtreview.com&utmhid=2122383646&utmr=-&utmp=/&utmac=UA-345690-1&utmcc=__utma%3D100096983.1893503966.1648776344.1648776344.1648776344.1%3B%2B__utmz%3D100096983.1648776344.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 14:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1893503966&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=we%20are%20looking%20for%20copper%20coolers%20on%20nvidia%20volta%20computing%20accelerators%2Cunofficially%20about%20intels%20plans%20to%20release%20300-series%20chipset%2C&utmhn=xtreview.com&utmhid=2122383646&utmr=-&utmp=/&utmac=UA-345690-1&utmcc=__utma%3D100096983.1893503966.1648776344.1648776344.1648776344.1%3B%2B__utmz%3D100096983.1648776344.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
646 B 248ms
74ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xtreview.com&callback=_gfp_s_&client=ca-pub-6621075760612267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2021.js?client=pub-6621075760612267&plah=xtreview.com&bust=31065972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f3b451501c9ff4658cde62bec7e0379c11766ef9eb97ce21896dc628df7d533b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 253ms
80ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=xtreview.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 248ms
74ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xtreview.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90BF 89 KB
32 KB 788ms
625ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=188382957&adf=4078635754&w=336&lmt=1648776343&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343437&bpp=15&bdt=1740&idt=541&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&correlator=4942415356370&frm=20&pv=2&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=I8ejy2wZky&p=http%3A//xtreview.com&dtd=556

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe9fb742bf530f067decf489e14123720d5e4edd809785a7ec8f62dc6e81a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 01:25:44 GMT
expires: Fri, 01 Apr 2022 01:25:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70B3 89 KB
32 KB 622ms
467ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=3885381099&adf=211726879&w=336&lmt=1648776344&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343456&bpp=7&bdt=1759&idt=545&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ol5EC9XyWr&p=http%3A//xtreview.com&dtd=548

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6e3ec848178eca2ea919d734b5318cb52b96cbd5fc1b9fcb40db4ee402d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32126
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 01:25:44 GMT
expires: Fri, 01 Apr 2022 01:25:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 001A 76 KB
26 KB 552ms
401ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=600&slotname=9944585812&adk=1678972621&adf=2592990185&pi=t.ma~as.9944585812&w=160&lmt=1648776344&url=http%3A%2F%2Fxtreview.com%2F&wgl=1&dt=1648776343657&bpp=16&bdt=1961&idt=349&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=4942415356370&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=50&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cpn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=g8qVZ6vgsE&p=http%3A//xtreview.com&dtd=352

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ecfeae20fab343a46418745ad4c54bfad371035c8d7ae65b4d1e4b90b26bbc0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPn8vMLa8fYCFa6Agwcd-Y4M6Q&gqi=mFRGYpqZC42PrATQ7L-gBg&layout=/sadbundle/%24csp%253Der3%24/14394067912878981120/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25573
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPn8vMLa8fYCFa6Agwcd-Y4M6Q&gqi=mFRGYpqZC42PrATQ7L-gBg&layout=/sadbundle/%24csp%253Der3%24/14394067912878981120/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 01:25:44 GMT
expires: Fri, 01 Apr 2022 01:25:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 153 KB
27 KB 326ms
167ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=600&slotname=9944585812&adk=1678972621&adf=2592990185&pi=t.ma~as.9944585812&w=160&lmt=1648776344&url=http%3A%2F%2Fxtreview.com%2F&wgl=1&dt=1648776343657&bpp=16&bdt=1961&idt=349&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=4942415356370&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=50&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cpn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=g8qVZ6vgsE&p=http%3A//xtreview.com&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbe03e13c5631178bcea784e0cd37fa982549be1183567da94dc618adf212c0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 141269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25699
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 10:11:15 GMT
expires: Thu, 30 Mar 2023 10:11:15 GMT
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 001A 0
0 211ms
126ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbcZAmFRGYvnQC66BjuwP-Z2yyA6W5bXCaPzescaMD-S82anXKhABIIi4qgRguwagAYGQjs4DyAEJqQJyHlbReQu2PqgDAcgDAqoEwAFP0J3w3E8LBQIkj4IYR6jr_puCkevozXRMtmDYzha4T4v3q_Kgo7aK_IuJ6FNA0--24hXCyr50Xz2d7bSGMbvN1M0g8n18g8X4mzABAEgRjwu0f0E4qmgqn-EKMLq3BSxAEZhTQPcBDgzSWmFsP9pLOw4qNB0yhKpFqGhnxfhYWsTwvTxtLYgltJLoHlN55yvV7STngD-FWPg86APMocRQf4IcRZbzuEl32L5OkP74Pm1puwgsIbA8wsq4-mZWhkXABP3z-MzeA5IFBAgEGAGSBQQIBRgEoAZdgAfn7_ExqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQhdIe0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY2MjEwNzU3NjA2MTIyNjcYAA&sigh=oSxzHj1wD2o&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=600&slotname=9944585812&adk=1678972621&adf=2592990185&pi=t.ma~as.9944585812&w=160&lmt=1648776344&url=http%3A%2F%2Fxtreview.com%2F&wgl=1&dt=1648776343657&bpp=16&bdt=1961&idt=349&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=4942415356370&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=50&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cpn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=g8qVZ6vgsE&p=http%3A//xtreview.com&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 01 Apr 2022 01:25:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 648A 143 B
163 B 158ms
76ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=600&slotname=9944585812&adk=1678972621&adf=2592990185&pi=t.ma~as.9944585812&w=160&lmt=1648776344&url=http%3A%2F%2Fxtreview.com%2F&wgl=1&dt=1648776343657&bpp=16&bdt=1961&idt=349&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as%2C336x280_as&correlator=4942415356370&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=50&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cpn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=g8qVZ6vgsE&p=http%3A//xtreview.com&dtd=352
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 1112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:07:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 001A 2 KB
1 KB 321ms
165ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:22:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 001A 119 KB
37 KB 275ms
114ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 001A 15 KB
6 KB 249ms
94ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:03:17 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 70B3 9 KB
4 KB 245ms
84ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=3885381099&adf=211726879&w=336&lmt=1648776344&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343456&bpp=7&bdt=1759&idt=545&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ol5EC9XyWr&p=http%3A//xtreview.com&dtd=548

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 03:02:07 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 70B3 8 KB
4 KB 245ms
85ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 19:34:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 70B3 8 KB
1 KB 254ms
93ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 23:33:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 01:25:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 70B3 2 KB
904 B 182ms
86ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:02:21 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 70B3 19 KB
8 KB 195ms
83ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:23:36 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 70B3 2 KB
1 KB 181ms
86ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:22:06 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 70B3 15 KB
6 KB 214ms
104ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:03:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70B3 119 KB
36 KB 360ms
247ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H3 200 63f6484ee989c3eda25e621c99817b87.js Show response
www.gstatic.com/mysidia/ Frame 70B3 29 KB
12 KB 196ms
100ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63f6484ee989c3eda25e621c99817b87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 08:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11974
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 08:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 08:30:10 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 90BF 9 KB
4 KB 100ms
93ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=188382957&adf=4078635754&w=336&lmt=1648776343&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343437&bpp=15&bdt=1740&idt=541&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&correlator=4942415356370&frm=20&pv=2&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=I8ejy2wZky&p=http%3A//xtreview.com&dtd=556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 03:02:07 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 90BF 8 KB
4 KB 103ms
97ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 19:34:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 90BF 8 KB
965 B 102ms
95ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 23:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 01:25:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 648A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
79ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
expires: Fri, 01 Apr 2022 01:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 90BF 2 KB
904 B 115ms
86ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:02:21 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 90BF 19 KB
8 KB 182ms
182ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:23:36 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 90BF 2 KB
1 KB 115ms
87ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:22:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90BF 119 KB
36 KB 192ms
192ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 01:25:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 90BF 15 KB
6 KB 197ms
197ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 01:03:17 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 90BF 29 KB
12 KB 115ms
85ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 11:21:33 GMT

GET
H3 200 adview Show response
googleads.g.doubleclick.net/pagead/ Frame 70B3 0
17 B 128ms
128ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8XeCmFRGYpHQC9Xf3wO2_5jgCc-K7a5pqpz4htQPwI23ARABIIi4qgRguwagAZyH1rooyAEBqQLPvnKwpZCyPqgDAcgDwwSqBM4BT9CGoK8wA6boqeFOrhJdrpbi6b-fsgqsvTwv8FlZM8b7Ci1SK6JUxHKKRaQCvMm5LwR3i7G1AJ4ZrMwXEflgSBmGmLdIN3QZnK56UO8q4AZZFXlB96lhvovr5ppQFnLe1VqKIW-lVuOIovi9dbCudHGHFYvYxaSVUQgE33mbgNaeNY1C3uvVrJMBECyluVAMV4egDFcmRcZvaCPf9GK7uVQJP-iUxavn9nxcJALF7PatTUYSTy70Atzr1-Jla2o1i_L9jFvmvSeuC6XPreLABNy8-4X5A5IFBAgEGAGSBQQIBRgEoAZRgAecv6aaA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPqYENIICQiA4YAQEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi02NjIxMDc1NzYwNjEyMjY3GAA&sigh=KJj5oHyna08&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=3885381099&adf=211726879&w=336&lmt=1648776344&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343456&bpp=7&bdt=1759&idt=545&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ol5EC9XyWr&p=http%3A//xtreview.com&dtd=548
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 01 Apr 2022 01:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE21 143 B
163 B 91ms
91ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=3885381099&adf=211726879&w=336&lmt=1648776344&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343456&bpp=7&bdt=1759&idt=545&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&prev_fmts=336x280_as&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=3026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeEbr%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ol5EC9XyWr&p=http%3A//xtreview.com&dtd=548
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 1112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:07:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 90BF 0
0 132ms
132ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNGULmFRGYqzQC-733wPuwqvwBffg5qZo_KL-j4sPwI23ARABIIi4qgRguwagAfKwqf4DyAEBqQKJcae92Au2PqgDAcgDwwSqBMoBT9A9EYgHU5Teutdz74l1vDGe0DGnNUD1ZQ-954Bj3EydCsPo7aG_Ynskp7b6EM4ncvg0Rt4LNiDuGaGq9S7N1TRc_SFQu_f8h2rPmveYmEDxQaJkk8oSEtTYRY1IWKfjI-TKzBDBRYw_qXyM1NSS8Dzu8iNtqxhQxWxbRHHM0tDCDlkhED6ATqAGML8Vw923l2ifAxqVbDrbQanZvK3L_LuqjVX-x_dssa3YMoXmZZlym8_PZTWw0Jb7eJUKKYNU2XxcJBq1AQ_OVsAEk8CO9vADkgUECAQYAZIFBAgFGASgBmaAB_bO1gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDllIQB0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTY2MjEwNzU3NjA2MTIyNjcYAA&sigh=P8casZ4ROUk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=188382957&adf=4078635754&w=336&lmt=1648776343&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343437&bpp=15&bdt=1740&idt=541&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&correlator=4942415356370&frm=20&pv=2&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=I8ejy2wZky&p=http%3A//xtreview.com&dtd=556
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 01 Apr 2022 01:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 70B3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7891fba016dfb565e7cd2bf9ca2068c87cf0fd69e01dc85c3425df20f7731200

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame A1DD 1 KB
407 B 176ms
77ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 23:37:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 01:25:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 01:25:45 GMT

GET
H3 200 nadir-hero-img.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 113 KB
113 KB 178ms
165ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/nadir-hero-img.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830966159f5de04c698b991860de7d3ad1056825d1f6f0552526da6d0900b4c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115279
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Tue, 29 Mar 2022 20:44:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 20:44:11 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A1DD 16 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 01 Apr 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A1DD 26 KB
10 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 01 Apr 2022 16:13:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76EC 143 B
163 B 75ms
74ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&h=280&adk=188382957&adf=4078635754&w=336&lmt=1648776343&channel=1781651155&ad_type=text&format=336x280_as&color_bg=191919&color_border=191919&color_link=ff9900&color_text=8a8a8a&color_url=ff9900&url=http%3A%2F%2Fxtreview.com%2F&alternate_ad_url=http%3A%2F%2Fxtreview.com%2Fgoogle-alternate-url.php&wgl=1&dt=1648776343437&bpp=15&bdt=1740&idt=541&shv=r20220329&mjsv=m202203290101&ptt=5&saldr=sa&abxe=1&correlator=4942415356370&frm=20&pv=2&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=401&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&pvsid=2825561529958351&pem=670&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=I8ejy2wZky&p=http%3A//xtreview.com&dtd=556
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 1113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:07:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 001A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4b4093c3f924036387b070a3fb68ea53c815f00c533c057ad02cd0fe70781b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE21
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

74ms
74ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
expires: Fri, 01 Apr 2022 01:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 76EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

67ms
67ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
expires: Fri, 01 Apr 2022 01:25:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Apr 2022 01:25:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 90BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186788062c0dc4e97043a033b8ea914f5377033e90ca97e58a85046c15983352

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 90BF 28 KB
28 KB 134ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 182343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 70B3 28 KB
28 KB 168ms
74ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 182343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame A1DD 23 KB
23 KB 136ms
117ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 107715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:30:30 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ Frame A1DD 23 KB
23 KB 119ms
100ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:31:09 GMT
x-content-type-options: nosniff
age: 604476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 01:31:09 GMT

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BE54 35 KB
13 KB 94ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FD2 35 KB
13 KB 60ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

GET
H3 200 nadir-hero-img.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 113 KB
113 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/nadir-hero-img.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830966159f5de04c698b991860de7d3ad1056825d1f6f0552526da6d0900b4c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115279
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Tue, 29 Mar 2022 20:44:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 20:44:11 GMT

GET
H3 200 HRZ_RY_TK_rgb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 9 KB
4 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/HRZ_RY_TK_rgb.svg

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd05c4e7898527514e35ce29e5144acce25e1d96073573f57d841a79a8df42c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3663
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Wed, 30 Mar 2022 07:01:18 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 07:01:18 GMT

GET
H3 200 VRT_RY_TK_rgb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 9 KB
4 KB 53ms
52ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/VRT_RY_TK_rgb.svg

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a8bd06751890737b6d157deecd20daba65d21ffffb22c70a4a6b3df6084462

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 177022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3831
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Wed, 30 Mar 2022 00:15:23 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 00:15:23 GMT

GET
DATA 200
OK truncated
/ Frame A1DD 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 HRZ_RY_TK_rgb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 9 KB
4 KB 59ms
58ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/HRZ_RY_TK_rgb.svg

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd05c4e7898527514e35ce29e5144acce25e1d96073573f57d841a79a8df42c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 152667
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3663
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Wed, 30 Mar 2022 07:01:18 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 07:01:18 GMT

GET
H3 200 VRT_RY_TK_rgb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 9 KB
4 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/VRT_RY_TK_rgb.svg

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a8bd06751890737b6d157deecd20daba65d21ffffb22c70a4a6b3df6084462

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 177022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3831
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Wed, 30 Mar 2022 00:15:23 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 00:15:23 GMT

GET
H3 200 nadir-hero-img.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/ Frame A1DD 113 KB
113 KB 60ms
60ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14394067912878981120/nadir-hero-img.jpg

Requested by

Host: xtreview.com
URL: http://xtreview.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830966159f5de04c698b991860de7d3ad1056825d1f6f0552526da6d0900b4c3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 189694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115279
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 10:36:22 GMT
server: sffe
date: Tue, 29 Mar 2022 20:44:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 20:44:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 90BF 42 B
64 B 162ms
96ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv10b6wBJ2TwZWnKx7YCI1-v_NYVF2tXTg41EP2DtAsO-G7jPLzB6ceHnBtb13E8gwDv2J6iuMmJHm4zhvHzf0gryPMWo1M8ydvTZ6RVsbV8vXarEvfOQ&sai=AMfl-YSJq2ZTyJ_389mWGSYrhQid8y7IeXq0ztgp91EyQcdW665zrKETia21UHcqGlK7nw2Ci0O2vxQOKMo-&sig=Cg0ArKJSzBHZnCcDO04nEAE&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=188382957&rs=2&la=0&cr=0&vs=4&r=v&rst=1648776343995&rpt=1388&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 01:25:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK readRSS.php Show response
xtreview.com/ 23 KB
8 KB 311ms
176ms XHR
text/html 208.94.245.218
JOESDATACENTER

General

Check archive.org

Show headers Download Go to

Full URL: http://xtreview.com/readRSS.php?rssURL=http://xtreview.com/rss.xml&maxRssItems=50
Requested by: Host: xtreview.com
URL: http://xtreview.com/js/ajax.js
Protocol: HTTP/1.1
Server: 208.94.245.218 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software: Apache/2.2.19 (Win64) PHP/5.4.5 / PHP/5.4.5
Resource Hash: 17313073101e71406cc7e745d71c7cb08ce5bf857fef52477652f4541d659be2

Request headers

Referer: http://xtreview.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 01 Apr 2022 01:25:53 GMT
Content-Encoding: gzip
Server: Apache/2.2.19 (Win64) PHP/5.4.5
X-Powered-By: PHP/5.4.5
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77611356ce10c4caab392d0cbb7922b929643265f5f115bc4f78a859b2ede85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54075
x-xss-protection: 0
server: cafe
etag: 8225206995328159587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Apr 2022 01:25:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 69ms
68ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220329&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbae152daa9f4b8b6011676b8af39fe53cae932f0ab15b31a1a28c72db4b9ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 01:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10672
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Apr 2022 01:25:48 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/ Frame 7F12 10 KB
4 KB 53ms
52ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 3290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 00:30:58 GMT
etag: 4044455266028820542
expires: Fri, 15 Apr 2022 00:30:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 127ms
63ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=xtreview.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 01:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
61ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xtreview.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Apr 2022 01:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08A7 0
16 B 155ms
154ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6621075760612267&output=html&adk=1812271804&adf=3025194257&lmt=1648776348&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=1781651155&format=0x0&url=http%3A%2F%2Fxtreview.com%2F&ea=0&pra=7&wgl=1&dt=1648776348052&bpp=2&bdt=6355&idt=2&shv=r20220329&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc5938964514ea294-2257685b69cd0060%3AT%3D1648776344%3ART%3D1648776344%3AS%3DALNI_MbVz0V7vdJh5LqMFIMm1BHECesODQ&prev_fmts=336x280_as%2C336x280_as&prev_slotnames=9944585812&nras=1&correlator=4942415356370&pv_ch=1781651155%2B&frm=20&pv=1&ga_vid=1893503966.1648776344&ga_sid=1648776344&ga_hid=2122383646&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760333%2C44760474%2C31065972&oid=2&psts=AGkb-H_7McrpUut9TPv22bngnjTWkof5BNUaitxCCJC_algWooBwssefKpYa2qRGxyrq_c8fFvpDq_CsS_vPYrhbNg%2CAGkb-H_6oYNgHT2ErbBppTXC-hbIK9vRYgEVEvClep8n-sdAZ4o97A3UZka0Abx5ymm2gyrqS3tM_O0fUtgDyA%2CAGkb-H_LQHUtSUcE9Pwxme5O9jY3KuCcR2p_8YMbkhia4D3Xe9kXdiL7G-V7I0O_UymOnDZnNX8SxyFGjPSf6s4&pvsid=2825561529958351&pem=670&tmod=1713133874&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 01:25:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EF4 13 KB
5 KB 56ms
55ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 33317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 16:10:31 GMT
expires: Fri, 31 Mar 2023 16:10:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 162B 783 B
534 B 69ms
68ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4aaf0fbd196401fd7c33b086b45409e8d62563490bfdf1dddd3c3234aef951ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rmOMqGjcwQSaNBZxsrm+mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-rmOMqGjcwQSaNBZxsrm+mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 01:25:48 GMT
expires: Fri, 01 Apr 2022 01:25:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EF4 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:56:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13748
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:56:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 162B 0
0 126ms
126ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220329&jk=2825561529958351&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5EF4 0
9 B 53ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?z07bhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:25:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 105ms
104ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220329&jk=2825561529958351&bg=!Pj2lPXnNAAZku-1yRLs7ACkAdvg8WiRDDhdAE8Qx9bxdo0a6QDj2rHj43aPW3_YvGAq45XzZKfFj2AIAAABTUgAAAAJoAQcKAG5UQRVe4zSFDU1scc4WoAoMAKW50QFFvod0gZ3EPqFriAglIvcp8-aCHckHb9U6TsayLD4WmYBwxHViYZ-d7NE7panWBHaQDXT2mKU4GOa-FF_n0fqqNIfcBemMVMdycvWRB9E7SA9cK7HiK5vZhJkCtSc6QYvtmoww0f6yPv-xFtFTMQceODsfXFVuq0-cHHZBrGfyhs-Q-6DmGzxQ699SpavFmE_Y-s4NRvNwjhXMp1FOSUZl41ruWN2XBMeUC-zYim4HQKVJkXOOHdTdoEa0INFpJVQYDVsGKycwhaGpAQTbdfREQAJc8bSHBggTozTLoKktXbvHiuJxhjeN6-H4LbAsUY5O9m10STvKwlbIK6DYiz0nBy1N9L-V0-tGhX5JnWkJqUiYxYkfeA5vGN-gRdRUomsI-huZ2_jrG4vu_epHzvjvH6svCth_7LtzYielm1PVbwBTm4BeHhFstoFe2zwNDLRI3qVV1BFi73eYX3kNwcluKdBnbwPzrj8MkDERSmI5nNVs9-mJ5gn4DtxtjayBzLEyli2KhkRkjn-3X1R_H-mfHVTkvy7PudS4HPnFUdRo-e6HKwHgMmhileCTqPT21qEZNWjya4OQQ4uCJEiDZJ9c0nKfAGaynAef8aaBJ4GYLmE4ZuJVusFvdeJeiIUJ-6pVM7nN1kO8IP4BCTXa9XCymenyoKy9AwxwmzoxzoLCKeQCTngf1j-o8h_LqQYXsXLuHlNrdy9rDQ76iTRclTWOO22K6tpczwG64G9cy581XXBUgVbWyGlSRBhUbja_KSwoEHuP_AIJpRTQFXqHbbOWz2HH-2XsBpZLL9HbPWbfJPAXl6ydP3VOhld2ulwo5B9dZIjp0HXabbewQ3QFveI5PXuQ3WWGQpX_DzS_ZlqHvLS2SnqQ47E5DRyKQ5xRz9bC4yI-QQUqhfDHzngk84W3aoFcVfjxAARCSG-HxhV2FYlp8LiejOyhQ4hlsPJrqetaSiNNMVK8KBvK4Pb4Ae5d6TUFipRN7L_QYPJ5Eq_RzbUeYJcWGttpaQ9YKhaWbU6pL56T6RsG6vVvMI0Rb_NKwg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://xtreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Apr 2022 01:25:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserving.cpxinteractive.com
URL: http://adserving.cpxinteractive.com/st?ad_type=iframe&ad_size=160x600,120x600&section=187303

Domain: adserving.cpxinteractive.com
URL: http://adserving.cpxinteractive.com/st?ad_type=iframe&ad_size=160x600&section=2723548

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xtreview.com/	1969-12-31 23:59:59	Name: tf0 Value: y0
xtreview.com/	1970-01-20 01:59:39	Name: tf1 Value: y1
.xtreview.com/	1970-01-20 19:30:48	Name: __utma Value: 100096983.1893503966.1648776344.1648776344.1648776344.1
.xtreview.com/	1970-01-20 01:59:38	Name: __utmb Value: 100096983
.xtreview.com/	1969-12-31 23:59:59	Name: __utmc Value: 100096983
.xtreview.com/	1970-01-20 06:22:24	Name: __utmz Value: 100096983.1648776344.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.xtreview.com/	1970-01-20 11:21:12	Name: __gads Value: ID=c5938964514ea294-2257685b69cd0060:T=1648776344:RT=1648776344:S=ALNI_MbVz0V7vdJh5LqMFIMm1BHECesODQ
.doubleclick.net/	1970-01-20 11:21:12	Name: IDE Value: AHWqTUnT6YI_fw8xFT0GDKzzcJq_Zcf0tAxfsIkdEtKu4mvmtdMWQoZ0ZcmnuU_TnkU
.doubleclick.net/	1970-01-20 01:59:39	Name: DSID Value: NO_DATA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=10113555316, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 826) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/displayAd.js?dver=0.9&th=10113555316, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://xtreview.us.intellitxt.com/intellitxt/front.asp?ipid=5659 Message: Failed to load resource: the server responded with a status of 503 (Service Temporarily Unavailable)
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=3&adContainerId=richmedia_4&rnd=16268572, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=3&adContainerId=richmedia_4&rnd=16268572, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=160x600,120x600&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=5&adContainerId=richmedia_6&rnd=16265942, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://tags.expo9.exponential.com/tags/xtreview/ROS/tags.js(Line 1693) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=10113555316&tagKey=1110421461&site=xtreview&adSpace=ros&center=1&size=160x600,120x600&env=display&url=http%3A%2F%2Fxtreview.com%2F&f=0&p=16265378&tKey=aamneMXsY21sJomq7T3F350sjrT3n6nE&a=5&adContainerId=richmedia_6&rnd=16265942, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.co.uk
adservice.google.com
adserving.cpxinteractive.com
cdnx.tribalfusion.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
scripts.chitika.net
tags.expo9.exponential.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
xtreview.com
xtreview.us.intellitxt.com
adserving.cpxinteractive.com
142.250.181.226
208.94.245.218
2606:4700::6812:517
2606:4700::6812:c05
2606:4700::6812:d05
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
3.225.179.96
65.9.66.29
04af7d4dfe9f3a64ee1c3a992a8d34ac242d62141ff0c2e2ca16152d8bf77a2d
06f72054848326e726ef8fb84f04e1f84d9997a7da189da6388153fbc11c9000
077babcc5e9702117f8df7f0b52d863a4a958a3b893b7c81bb602f123a087792
08f9d50ad0d5fbc8a561c5fe941d7b3926e76cea303c7c503bc7e3c932f3fe0f
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d1a5994affed8c6155233d4530118910b6c57c310bdcf9b4feeb42d4f37c635
0d66d9d4234bf852784c8226ca9e4aed3fe1146fd3486655d2df93b54168f379
0dbe03e13c5631178bcea784e0cd37fa982549be1183567da94dc618adf212c0
0ebc53a2985792dc091b60b8e31ac01ffbcf77199d2ba4b0cd046ca0af7ff05b
0ecfeae20fab343a46418745ad4c54bfad371035c8d7ae65b4d1e4b90b26bbc0
1077ed4645c7a2221009ec67803d106f0f64ded8508028f718bf83702f890421
17313073101e71406cc7e745d71c7cb08ce5bf857fef52477652f4541d659be2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186788062c0dc4e97043a033b8ea914f5377033e90ca97e58a85046c15983352
1b8aa62b56c66a44e0dab22ea2df6fffdd4ae539c97184eec83719699b93bce0
1d0a77c5c4a6cdc7d55f1527fa3715b4c70c885a597b51db2859ccd69aad305c
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
20e4e55a5c901b23162604c338c5bf5f33d788a999ef9eddc8a968f5d8e17f84
214ca9b16d9f1d2c6daa23c66d3e108b160423f3d16052bf8c06483cd6780c42
228e7abc6f0b491c177be9ee528856caf19ea3135c014713cc67ad64f2ae50b6
24a8bd06751890737b6d157deecd20daba65d21ffffb22c70a4a6b3df6084462
26f528645781d15ab4b1e1dec8c4fdd71f48abafbd297f48d329b95c1742b1fb
28398cf9b20658ab4a9ddc83b61e45508631e9d97424d28c42c9733ec48c6985
29862a92c7c22642477e73c8fba31f92367afda4e591dffab3c89fc37a044fbc
2cd0a791a2a075e4a16c9eebc7184e96f1c125e4447f7eebc437370cd2053404
31f07a5e050d031cffc853f837f64c508f04bde9328456b71ec20b74dfeaa011
369598c2bc711246c9ff58115992da1ae8db11a2453debbf95a37be3fb8335af
38a196c607b31a17dc7a791c5e8f4561a6e71f634ff4171828b78bacd4446f9b
40b8901d304e3f1c2952a2a0fdaacd687876b2845217a9676c2a9c3023102302
42d0018ba2e746b7d106bfd411058d0fbea42fbd726394ca0fe8c5b64743abc9
43599597655e42ea0647ca5113be6b62bd2a7e4f999e812b5f29cb7686ad3f7d
48435da4fa79f74a2f884ed41e0eaeab8112336d103b35940a0d146c78fa94c4
48bf1d0eee3dac39c5999282f0c273a37770ef4a27a280145b4ffc641284efc9
48dd63d2e4e3fb1b623e6441d5271a21af6a223519ec41213054218a6735931d
49619bce32727fc30383850bdb6c5a3662aa49e2f882c9f3a1bea9fd34653f3e
4aaf0fbd196401fd7c33b086b45409e8d62563490bfdf1dddd3c3234aef951ce
527a16e9eb9107010566a1f6e99bbeb20ef148d9d34da8924059b51e09c54788
52a556cdcfa9300a0087223d156afeae418e91ea8eb8870a4f99f331de7a326b
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5771bca47480fe07b8b7c7c525f51d4316c656799f29519c63ee7986cd1bdcad
5d6e3ec848178eca2ea919d734b5318cb52b96cbd5fc1b9fcb40db4ee402d5f9
5db0c1158297c20dbe5047fce39480487bc75668e59b13555c766c279593d1d8
5e83ebe6e1ca67fa04d8b3d6791d481a8bf69c548f13da6712075daf3210281c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60436f74af16144cdd9afc83bc6b6fbabb47df4fe42e87fbab38d9ec44bb0181
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634fb86a84dc75338186490456ae73ea6a2d6683453f893cefd6df3513d57bf3
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
74db0296b95a35860592faecabd436433a2fde95792da466182d742ae8be627b
77611356ce10c4caab392d0cbb7922b929643265f5f115bc4f78a859b2ede85e
7891fba016dfb565e7cd2bf9ca2068c87cf0fd69e01dc85c3425df20f7731200
79bd5bd4e163ee1dcd445500abecceaff7916e41060cc21fdb62ccbd1f14385d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a720f8796831a3b027a81207b8a12aa740a58873e0eb6680c72b8ca90483cd2
7c7ce47aaecd041b4277ed548d8598c761aa52d5808d83031bad206c97c4edf2
7df7f48fbe9766bb1e6f0b943e31ef813930c5c8bcd3bd06dc8f90df439eaa19
8117e865343d31659f8ef13df8cdf56681044c4177f0fbdee6d0aa7bfecfcbcd
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
830966159f5de04c698b991860de7d3ad1056825d1f6f0552526da6d0900b4c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c76c73a6437e6e1b812f3f2f88137fd38d1c36e3edf306df90dbeb720951ca
8420853822351308069e4df94dc2d6cddf5e907fbdce7bf79b3da1c69cee7af8
883a6ffb2d970fe19a2653d496b3cf65deef2e6e8e655a697959771a9b7d2dc7
8be08472eddf6c8e20ea27c10c9a5f30c034ef90d5de99e95aa1c92c336ac0bb
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
927b199505c0e795250b62f213d7d28e22c436b86eb6951e169bc5a3ea73cf1c
9541a908112fc1caabcbff65c9245917abcf03029cd7b7fda4a36df666370ed8
9a253700895fb01f66b8bef20edb9a5eecf7062f2e886b58a770b4d5130c1d28
9ceddde19051b5fc3155fe3f1a422b79fe3c79359abea5772439eb68bd9b7877
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d044a62500801c76a0993226b0eb4f66e79ec890a5a9268f089b191c16e5e2
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a7fa7f6c710d844e6c39ecddde21a7b9d017a38cf351ea348aa2789a0391fbba
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
ac9137f25754a7a4379871e5e8b2a65e210268b91778fc0bcc5a0b224c163f47
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
b1d820e868e7bdb2a4a1a2942c69f8b103ab231566685107783dc261e63575b7
b4918ed243df0b503f46bd4553b397e4417c8e803d5fd88747a67653e6a34f7c
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bceaf1d1783042f22d9bda2c6ef14ac5535c3b6f6ef9e6f36090f6f311add479
bd05c4e7898527514e35ce29e5144acce25e1d96073573f57d841a79a8df42c7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb561cd233f45d1673411866767ddb162ee40503bc71195ef8f186ec41f97fa6
cb598e79795279628d185f6abe227de3a44cffaf5afdf8352e11f8760459f8d7
cecb445c04784e50ce1cfe4773eac663d35b2fd93630fc460903065b036e559b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d1782bd294eed2bfdd5488d969dd1d8eeee1861bbb47ece21e3707bbea5088ba
d225995627ef1c1a0fa44def1901a9708be87e2b8693c35e8650a72bfc65001f
d286e9ee5920059b157e7b835fcc6d2602803fd50c4d21209296ba09888bbfa3
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
da3d52bcd3b8b37f714ad9cf407eecd20d0cd10f6797ffead6b8abd7e6f4e03f
de030bfaea70d56dd8d346f30a4630a3bf1ad75402e56818e209abcb8f273f5d
de69f767f534be54eede207519b817c6725dcc2622d7bb34044a481d9eda3f09
df58b34f9a5f4f2a2ae066226d2c1c794e82d9e6222c68179f44da477f1d53f0
e2b4bde99c224756ce4982bb108d94fe5d022e4c193b024388a0848c1ed5abfc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73df1a11554ad3829934c211ff37223ee37f6e97d42200e338e068980b27071
ea4b4093c3f924036387b070a3fb68ea53c815f00c533c057ad02cd0fe70781b
ebe9fb742bf530f067decf489e14123720d5e4edd809785a7ec8f62dc6e81a8d
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed192b97b3e698814b2c20471b3b037acfeb9d44fbe27c755e833c34f6f5e41e
ed1dbd7aa158254f0a2cfdf6bcf249d9874d42f312f5129a46ce2f801dd2ebed
ef02fe8556b2a2a0c03e5824683ca0dc46b30f297d0cbfddb1a57524ca9f2bca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b451501c9ff4658cde62bec7e0379c11766ef9eb97ce21896dc628df7d533b
f5af0e0be791ace7f04e6d503b5314eced536d8d9fd4321dccabc7a02f539af6
fa6a1e4eb1cfb5facf41ea04feae5398d9e9f66f8afaa35515fc215a7475398c
fbae152daa9f4b8b6011676b8af39fe53cae932f0ab15b31a1a28c72db4b9ab0

xtreview.com Open in urlscan Pro 208.94.245.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

144 Requests

47 %HTTPS

78 %IPv6

15 Domains

19 Subdomains

19 IPs

2 Countries

1600 kBTransfer

2877 kBSize

9 Cookies

49 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xtreview.com Open in urlscan Pro
208.94.245.218 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

47 %
HTTPS

78 %
IPv6

15
Domains

19
Subdomains

19
IPs

2
Countries

1600 kB
Transfer

2877 kB
Size

9
Cookies

144 HTTP transactions
4 data transactions