getmyofferscapitalone.xyz Open in urlscan Pro
2606:4700:3032::ac43:a522 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getmyofferscapitalone.xyz/
Effective URL:
https://getmyofferscapitalone.xyz/
Submission: On March 22 via api (March 22nd 2021, 10:53:00 pm UTC) from US

Summary HTTP 115 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 21 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3032::ac43:a522, located in United States and belongs to CLOUDFLARENET, US. The main domain is getmyofferscapitalone.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time getmyofferscapitalone.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3032::ac43:a522	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	209.140.149.182 209.140.149.182	11643 (EBAY) (EBAY)
1	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
20	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	52.35.2.64 52.35.2.64	16509 (AMAZON-02) (AMAZON-02)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:73b:46ad:270f:ab37	16509 (AMAZON-02) (AMAZON-02)
2 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
115	19

7 2606:4700:3032::ac43:a522 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getmyofferscapitalone.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.149.182 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-web-public-1-3-lvsaz02.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.35.2.64 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-2-64.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.246 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	104 KB
36	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	395 KB
19	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	267 KB
7	getmyofferscapitalone.xyz 1 redirects getmyofferscapitalone.xyz	172 KB
5	googletagservices.com www.googletagservices.com	170 KB
5	google.com 3 redirects adservice.google.com www.google.com	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	quantserve.com cms.quantserve.com	883 B
2	rlcdn.com 2 redirects id.rlcdn.com	888 B
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	469 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	2 KB
1	innovid.com ag.innovid.com	296 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	ebaystatic.com secureir.ebaystatic.com	505 B
1	ebayadservices.com 1 redirects www.ebayadservices.com	535 B
1	googleadservices.com partner.googleadservices.com	652 B
115	21

	Domain	Requested by
21	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	cm.g.doubleclick.net	getmyofferscapitalone.xyz googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	getmyofferscapitalone.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	getmyofferscapitalone.xyz	1 redirects getmyofferscapitalone.xyz
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	cms.quantserve.com	googleads.g.doubleclick.net
3	www.google.com	3 redirects
2	id.rlcdn.com	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	e.dlx.addthis.com	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
115	29

This site contains links to these domains. Also see Links.

Domain
www.capitalone.com
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
youtube.com
generatepress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.ebay.com DigiCert SHA2 Secure Server CA	`2020-05-28` - `2021-05-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 18 frames:

Primary Page: https://getmyofferscapitalone.xyz/
Frame ID: 2991E9C421579853CFFA6326886B46A1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html
Frame ID: E48C1488FE5988970D30E6D7FE23F470
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108
Frame ID: 64892FD4AD7F4C85D5A45250D493AEC5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&adk=1812271804&adf=3025194257&lmt=1616450413&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616453548620&bpp=1&bdt=215&idt=93&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280&nras=1&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=100
Frame ID: 3AD410ADC7EF759C61344F6E8B2AB9F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18
Frame ID: 48DF0486990DDED4BEE4E00ABBC5A178
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23
Frame ID: 0213F724669F3EC2AA35B0D81D1BB8ED
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=3322168490&pi=t.aa~a.1365230754~i.24~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=1&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=dJlhsAUAkj&p=https%3A//getmyofferscapitalone.xyz&dtd=27
Frame ID: 4B5BA59C1DB8DA03F275BAB5D1CB70C3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B5B3F26C27C21066F4F697ED92701FE6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 3628777300F3246031237F9968D49827
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72AD35B0030A108564427C9D26241DC8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A0EEF46E2FEC82A14EF7D773111509F2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 67D6BE0CDCE27346907D3967536FABC9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 56214E68957217E50116FF3CD9C4FA57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 502DECD93F27E87327295A0E9C26AFD5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 059A4C34F46502D9907E7653FFD56D7B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 179ED52C3287955B3B9ADA9DADAF722B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 2428DDF5FC088086366A14CD19EB3EEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 934096967EEA99F20157F3CBCEE9B38F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://getmyofferscapitalone.xyz/ HTTP 301
https://getmyofferscapitalone.xyz/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

115
Requests

100 %
HTTPS

57 %
IPv6

21
Domains

29
Subdomains

19
IPs

5
Countries

1114 kB
Transfer

2442 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.capitalone.com/credit-cards/get-my-card/
Title: https://www.capitalone.com/credit-cards/get-my-card/

Search URL Search Domain Scan URL

URL: https://www.capitalone.com/
Title: https://www.capitalone.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/capitalone
Title: https://twitter.com/capitalone

Search URL Search Domain Scan URL

URL: https://www.facebook.com/capitalone/
Title: https://www.facebook.com/capitalone/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/capitalone/
Title: https://www.instagram.com/capitalone/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/capital-one
Title: www.linkedin.com/company/capital-one

Search URL Search Domain Scan URL

URL: https://youtube.com/user/CapitalOne
Title: youtube.com/user/CapitalOne

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getmyofferscapitalone.xyz/ HTTP 301
https://getmyofferscapitalone.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 44

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=288156249&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 51

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPuoCdLhCwCRisAjIIDwAhueo-8IU HTTP 301
https://tpc.googlesyndication.com/simgad/6037977029595278777

Request Chain 77

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKrn79q1JvbOagOtmGDOH6gkYO3TnAdR5SzsWgxaFpc_KnC9-bGyhi0RFE-F&google_gid=CAESEGQ-UafDchkFk1PxndQlEG0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZrZnJRQUFCZUpYNGlIYQ&google_push=AQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKrn79q1JvbOagOtmGDOH6gkYO3TnAdR5SzsWgxaFpc_KnC9-bGyhi0RFE-F

Request Chain 78

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToakhOGLHbBC4Fwjb1hhDBXFrb-ZhNHs&google_gid=CAESEKxxeY8njaFsaRgh_SDSCqA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToakhOGLHbBC4Fwjb1hhDBXFrb-ZhNHs&google_gid=CAESEKxxeY8njaFsaRgh_SDSCqA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjIyMjUyMzA1NTIxMTg4MTI5ODgyOQ%3D%3D&google_push=AQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToakhOGLHbBC4Fwjb1hhDBXFrb-ZhNHs

Request Chain 79

https://rtb.openx.net/sync/dds?google_gid=CAESEDkyICfSTfNW3ZHaTgiS378&google_cver=1&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDkyICfSTfNW3ZHaTgiS378&google_cver=1&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Request Chain 80

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEV8TJwVvZd4BbWGbDhx62o&google_cver=1&google_push=AQvitUJVZquWok_u8ND5HoEjZ5EfASKuJnSw3ctXudfH-pdpjtHx_Dz062-Wu5lAV5rQkwKJRCO3X_eOcX2Hn5Agvv5FAXhJ1ZH1 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEV8TJwVvZd4BbWGbDhx62o&google_cver=1&google_push=AQvitUJVZquWok_u8ND5HoEjZ5EfASKuJnSw3ctXudfH-pdpjtHx_Dz062-Wu5lAV5rQkwKJRCO3X_eOcX2Hn5Agvv5FAXhJ1ZH1&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJDUrnAOTuK5Rwc7wIgxzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJVZquWok_u8ND5HoEjZ5EfASKuJnSw3ctXudfH-pdpjtHx_Dz062-Wu5lAV5rQkwKJRCO3X_eOcX2Hn5Agvv5FAXhJ1ZH1

Request Chain 81

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEGWJJZfjW2HgyepTjco2Pw&google_cver=1&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyFpAT2atD4WZSY_7OmYgWtwsHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISDAtMVMtNjhTRQ==&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyFpAT2atD4WZSY_7OmYgWtwsHc

Request Chain 82

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_cver=1&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq69WJ8si0qxHChBNpjtv35mExPgVe-08GsjNL3DZhdzmSkOcjd HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_cver=1&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq69WJ8si0qxHChBNpjtv35mExPgVe-08GsjNL3DZhdzmSkOcjd&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq69WJ8si0qxHChBNpjtv35mExPgVe-08GsjNL3DZhdzmSkOcjd&google_cver=1

Request Chain 94

https://rtb.openx.net/sync/dds?google_gid=CAESEJmlkpv14XoAU6YUKblDu9Q&google_cver=1&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Request Chain 95

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB8PLnsDitqDThxFQuq34fA&google_cver=1&google_push=AQvitULxc8CVtVyKJaJxGsQNNI9v4X6_eGmtkr4pC3fRdAFogUKmDqHZdlEpcv3xW_-kxiEygaN6hp32bEejkUtRc_lfYGHLalDm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EEExcmWHTNCEHEr3nBUmbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULxc8CVtVyKJaJxGsQNNI9v4X6_eGmtkr4pC3fRdAFogUKmDqHZdlEpcv3xW_-kxiEygaN6hp32bEejkUtRc_lfYGHLalDm

Request Chain 96

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGjooayaihEOIkU8s6xyQZk&google_cver=1&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK8dscMT5fxhLOklQ7B-KKW3OV6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISlMtMTgtSlJKQQ==&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK8dscMT5fxhLOklQ7B-KKW3OV6

Request Chain 97

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_cver=1&google_push=AQvitUICYJNkMRZWG83qK2RPDXOGIXKXCTVrNcAUg25h-ulbC2BAA9IguWGBOw9K7dFZ3eoQKeUYbWwypvXDHuVsnTQcpJghmAoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_push=AQvitUICYJNkMRZWG83qK2RPDXOGIXKXCTVrNcAUg25h-ulbC2BAA9IguWGBOw9K7dFZ3eoQKeUYbWwypvXDHuVsnTQcpJghmAoA&google_cver=1

Request Chain 99

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHM0pwm2J7zxp3cjYQO8Vis&google_cver=1&google_push=AQvitUIungBWyBg6T4em8k3XQcLOWhEg6D6TGDRD27hBl8YkDiwMll929zpAg4YR3FcOwyTkkolhn2KBLqVLfLZqhwp-ScVUwys2qQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIungBWyBg6T4em8k3XQcLOWhEg6D6TGDRD27hBl8YkDiwMll929zpAg4YR3FcOwyTkkolhn2KBLqVLfLZqhwp-ScVUwys2qQ&google_hm=

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 106

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULHfdWbsIzd30EeUxB3W60j1F-bcWuoY89572_TOrnTAWHnYWAkwx2mm3spEyAFZ_YUNHDFZG0VMJX4WlNovWLDtnbd89o&google_gid=CAESELeKAKwaPJs7Zq7SWi3YK6I&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK2_5IIGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVMSGZkV2JzSXpkMzBFZVV4QjNXNjBqMUYtYmNXdW9ZODk1NzJfVE9yblRBV0huWVdBa3d4Mm1tM3NwRXlBRlpfWVVOSERGWkcwVk1KWDRXbE5vdldMRHRuYmQ4OW8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRk9NRFlYcDdIRi10NDBSYkg3b2NCanRxWUpQeHlobEpIVHYtcjZPNENERQ==&google_push

Request Chain 107

https://rtb.openx.net/sync/dds?google_gid=CAESEAdHG0G7-RA8vLgGdKcD6Go&google_cver=1&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Request Chain 108

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB9uLFdATwLvxJrq7lqlX5M&google_cver=1&google_push=AQvitUJkakE1x6V2sAFcHOfjHUUZ0pGKCpwnoJfTJEyHBdW39ta66ZRTShRXJ-WPLPbprorjvUUp8MGIJxJBGQWZYEgPP_PTrDQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5RYC6VzkQ6uzMeXRK2g4AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJkakE1x6V2sAFcHOfjHUUZ0pGKCpwnoJfTJEyHBdW39ta66ZRTShRXJ-WPLPbprorjvUUp8MGIJxJBGQWZYEgPP_PTrDQ

Request Chain 109

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGnXWfJi_n8J7G-bHKzMsJg&google_cver=1&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhFzVgRf4EaSZ86_olZl0HE7Gs0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBITUUtMUgtSEhXMg==&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhFzVgRf4EaSZ86_olZl0HE7Gs0

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&google_push=AQvitUJ1sbLM1F37VHPXskaVu3BHfVFTgYRO4eVv7PDleP7q5SrVHgM6Tsmf9ZeWpZ-KOJE34oZEtg7-lCrgUdsrY8jw7Hm8H1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&google_push=AQvitUJ1sbLM1F37VHPXskaVu3BHfVFTgYRO4eVv7PDleP7q5SrVHgM6Tsmf9ZeWpZ-KOJE34oZEtg7-lCrgUdsrY8jw7Hm8H1o

Request Chain 111

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO5aowVfk2k6Ai6Lh9QzbDY&google_cver=1&google_push=AQvitUL0kgum9rZfyjzqRthMzyeP2_2VZbTyglMBeovdsaFjTWkU8VzboLLV3ytqwZ-UawTjStOFhdzkYOTGzgvToydR5KdgxYo HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL0kgum9rZfyjzqRthMzyeP2_2VZbTyglMBeovdsaFjTWkU8VzboLLV3ytqwZ-UawTjStOFhdzkYOTGzgvToydR5KdgxYo&google_hm=

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

115 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
getmyofferscapitalone.xyz/
Redirect Chain

http://getmyofferscapitalone.xyz/
https://getmyofferscapitalone.xyz/

46 KB
13 KB

646ms
623ms

Document
text/html

2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8da9920e582b9d8bc54f6ca7d28fe436cbf073249dc54edf6ab2596fead5f67

Request headers

:method: GET
:authority: getmyofferscapitalone.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c64112bd5c0418ec29bda00699d53e61616453547; expires=Wed, 21-Apr-21 22:52:27 GMT; path=/; domain=.getmyofferscapitalone.xyz; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding,User-Agent
last-modified: Mon, 22 Mar 2021 22:00:13 GMT
cache-control: max-age=0
expires: Mon, 22 Mar 2021 22:52:28 GMT
cf-cache-status: DYNAMIC
cf-request-id: 08fdbccf040000bed37638e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eQkxT8grGYdztKX3gGoRP3%2FStmyVtclgpFdoC4%2Bu2kawx29xZme9UbNGnRl7Dm9jDeBXf40%2FVmYO6pk7xbW5TWVlOxHpZz0zZmfum9VEqPSssiJ6fXKgxQTqGPa24BPBFlFsPgat"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6342fd919ec0bed3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Mon, 22 Mar 2021 22:52:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 22 Mar 2021 23:52:27 GMT
Location: https://getmyofferscapitalone.xyz/
cf-request-id: 08fdbccee0000005f1979ad000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rKxYuIJ3A0TZEQawOUw4v%2FsF5%2B6qUYFrDDbu79s4EgtJSlnNB3tuN9LhLQQQjY6rGCZxrPjagAU%2BdzwbiRRYxci3uSwyFSR%2F4OCAV8ipLcsW10wmToQwEtB71NuKmGC9qbPJ%2F5rV"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6342fd916d4e05f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7f3e2383ce0e86be569ef3c8f68ca5e9.css
getmyofferscapitalone.xyz/wp-content/cache/min/1/ 76 KB
13 KB 20ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getmyofferscapitalone.xyz/wp-content/cache/min/1/7f3e2383ce0e86be569ef3c8f68ca5e9.css
Requested by: Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4e8185b08a27a7c082dba5b7d6830198c73eb47a514d560395a5f65e1eb9b5

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fdbcd17a0000bed39012c000000001
last-modified: Tue, 26 Jan 2021 15:40:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VK5vnr5SX84QDpJdOvINWsaHp7o6kF67tDIJmU%2Bt08lXvcp4X55qG0NAGg8%2FvdOh%2F0wsegLCfp93msWCAQ80sOCe45kyqcZD4iz1KzMjz3g%2BXGokqlYvBxxKKqjUt6FygLMKLw8K"}],"max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6342fd958f6ebed3-FRA
expires: Tue, 22 Mar 2022 22:51:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 22:52:28 GMT

GET
H2 200 jquery.min-3.5.1.js Show response
getmyofferscapitalone.xyz/wp-content/cache/busting/1/wp-includes/js/jquery/ 87 KB
30 KB 21ms
21ms Script
application/javascript 2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getmyofferscapitalone.xyz/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.5.1.js
Requested by: Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fdbcd17a0000bed36c16e000000001
last-modified: Tue, 26 Jan 2021 15:40:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EmztZAtexIR6SjezMRpXMhy2BtaI0dpo7j0A%2Bv9W3wNX2G9cy0OZTJTwGjfPz1vLCPfqOVM4E7dX%2BfPdPH5pZMxrdkR5ZUUsJkBD1kHg6jTSbOGy6FoceHhkcvrBu%2FyJYu8a1NpI"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6342fd958f6fbed3-FRA
expires: Tue, 22 Mar 2022 22:51:52 GMT

GET
H2 200 lazyload.min.js Show response
getmyofferscapitalone.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 36ms
35ms Script
application/javascript 2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getmyofferscapitalone.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fdbcd17a0000bed39a900000000001
last-modified: Tue, 26 Jan 2021 14:57:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aGk0F6lWdIKlWF7NMRTzjiyt7Q2Lgz68sLB%2BNnQD350WZtqmupBJckrsmd%2F6HHC0fdDiDGvIbi%2BlDGG4g1xG%2FgNqsiIP%2Fouubc4a5Z8i6qvEZFy4IS21MNlIlLcekZrS6TY2xk8L"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6342fd959f70bed3-FRA
expires: Tue, 22 Mar 2022 22:51:52 GMT

GET
H2 200 818d4a7d1a2ed802bacf5218a505b274.js Show response
getmyofferscapitalone.xyz/wp-content/cache/min/1/ 232 KB
72 KB 29ms
29ms Script
application/javascript 2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getmyofferscapitalone.xyz/wp-content/cache/min/1/818d4a7d1a2ed802bacf5218a505b274.js
Requested by: Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3489f6ce8b65ffd2e8a5281d42c6956b6c57717fddf7a8a4e42df72fb2265b12

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 36
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08fdbcd17c0000bed39a901000000001
last-modified: Sat, 20 Mar 2021 18:52:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zflLGV2y5m%2BLOL2C3tjMfllm9V1DznN6U71NHrw1KajIKkmAJv8F4klW%2Bf4R3xUnwWkzNO0HhjbJrM9myhSmUZTzfZbgTEiElK%2FbQvvmEwXZgAW7zY%2FPb8TT5gu2o8INrn1XgRNU"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6342fd959f71bed3-FRA
expires: Tue, 22 Mar 2022 22:51:52 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf59c95a1be12022cd50aa90fe1ff0b5840bde9109e63b3bd5d77b908881e17

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86cd1f2588eedf1bd804a6ebb6bd2dab3a5836386719691074aa6d26ce52dc4d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1200585f66a1b562fc3334093e6fd3eeea10d36ac12c2e92d393d1acc4932b7b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08edc33bb9aaa1e665e479c31045a5637e0cbc6acd553c0a60d6d47e38252388

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ 226 KB
85 KB 61ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4442474636555969&plah=getmyofferscapitalone.xyz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Mar 2021 22:52:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/ Frame E48C 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210318/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 15:27:13 GMT
expires: Mon, 05 Apr 2021 15:27:13 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 26715
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 capital-one-logo-20066179-1280x01-1-768x323-1.jpg
getmyofferscapitalone.xyz/wp-content/uploads/2021/01/ 41 KB
41 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:a522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getmyofferscapitalone.xyz/wp-content/uploads/2021/01/capital-one-logo-20066179-1280x01-1-768x323-1.jpg
Requested by: Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6036b1a0ba2aa1cf3452df8df265254fbe1879a618807630626fe93dbe8aef

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4066618
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41699
cf-request-id: 08fdbcd25d0000bed37e8aa000000001
last-modified: Tue, 26 Jan 2021 14:49:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qBV5RFsWPjkXEM9brJgaF6sC9nClJtzXcvYQfszXfM%2B%2FN9Na6FXPPw6B3SEIml8XPmkH8T2omZs7GAYsuG7wr9jKdHwgwbzwR68u3uwa9cu1dRGV3FYVQ6V1LS%2BLGFQP2MvX%2FMp%2B"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6342fd96ffbbbed3-FRA
expires: Thu, 03 Jun 2021 21:15:30 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
652 B 142ms
66ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=getmyofferscapitalone.xyz&callback=_gfp_s_&client=ca-pub-4442474636555969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4442474636555969&plah=getmyofferscapitalone.xyz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1fadc8c8514d8b5b2f3da0b3fd4591ab686658854094ad1103b4ec6ab521ee6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=getmyofferscapitalone.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=getmyofferscapitalone.xyz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6489 63 KB
22 KB 609ms
609ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627578f4ad789b3d67e60118bec907d2289506b11f023f4e37e857d8468b37e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 22:52:29 GMT
server: cafe
content-length: 21952
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 22-Mar-2021 23:07:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:28 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AD4 4 KB
847 B 84ms
84ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&adk=1812271804&adf=3025194257&lmt=1616450413&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616453548620&bpp=1&bdt=215&idt=93&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280&nras=1&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f406d135b969868ad1d2f2d3cda82d2d2971f81e2542d61268f71d4c44ce8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4442474636555969&output=html&adk=1812271804&adf=3025194257&lmt=1616450413&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616453548620&bpp=1&bdt=215&idt=93&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280&nras=1&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 22:52:28 GMT
server: cafe
content-length: 645
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 22-Mar-2021 23:07:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:28 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
29ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=getmyofferscapitalone.xyz

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 42ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=getmyofferscapitalone.xyz

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48DF 67 KB
24 KB 623ms
623ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd58bd9da0c17973b1dce5d97f9e1728544857ba98be3a4a5f719da7a3947142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 22:52:29 GMT
server: cafe
content-length: 24125
x-xss-protection: 0
set-cookie: IDE=AHWqTUmZy4R7Ak1jFgEc4JZw4ZZGZu3Ru52PDqXLmca8nfrMTCmQ4IihPwCbTy_XDzM; expires=Sat, 16-Apr-2022 22:52:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0213 66 KB
23 KB 622ms
622ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c4bd3c2367c24f39ed0067061f04dbe556fe213849d1226b1862faa09cfc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 22:52:29 GMT
server: cafe
content-length: 23772
x-xss-protection: 0
set-cookie: IDE=AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4; expires=Sat, 16-Apr-2022 22:52:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B5B 85 KB
25 KB 531ms
530ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=3322168490&pi=t.aa~a.1365230754~i.24~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=1&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=dJlhsAUAkj&p=https%3A//getmyofferscapitalone.xyz&dtd=27

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dd8edcee33def641b3efd238070357e14c46819e894174efbd7f89c6624a1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=3322168490&pi=t.aa~a.1365230754~i.24~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=1&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=dJlhsAUAkj&p=https%3A//getmyofferscapitalone.xyz&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 22 Mar 2021 22:52:29 GMT
server: cafe
content-length: 25497
x-xss-protection: 0
set-cookie: IDE=AHWqTUn_iI5nfzgR7W8yE5Qk4ENltJ1ZGP1uSwnyq93dDdgY_NkVxJcATVQNjtzDuKM; expires=Sat, 16-Apr-2022 22:52:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 6489 4 KB
713 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:39:46 GMT
server: ESF
date: Mon, 22 Mar 2021 22:52:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 6489 1 KB
990 B 30ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:45:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 6489 17 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:49:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 6489 2 KB
1 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:47:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6489 117 KB
36 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 6489 12 KB
5 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:50:35 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 6489 25 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 389849
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6489 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZmfwrB9ZYIb7K_HM7_UP5OSAmAfZ-KPoW8KnzPWsCdf-pZ3FFhABILidqXRglYq4gsgHoAGggbPDA8gBAakCkmIj7ckGtD6oAwHIA8sEqgS9AU_Qu-SAKuR5OJSOvypSs8gOkydsw4DwxRRb4dU_wa4i3ok9vxtQlmxXL_WZVPGrnVqBrMyamPo3R76t59f8aiFfWw6zLnw04aczH4WE0yMMHa5Txm6smj_WyalTTpkPkd3fkpajIVKpLzL7Xg-cByYhhA7tcopv1aGwZ26RKZ2NQNATlEuDe0JUXNHRsjxKAGI5upeYYtqNysJ6bg7kIs32kVeqfWXGVOnGcFfoBLKQ970qTui4ki-MRHgvHMAEvvW4oNQBkgUECAQYAZIFBAgFGASAB4OZmT2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ3N4j0ggJCIDhgBAQARgfgAoByAsB2BMNiBQMshcaChgIABIUcHViLTQ0NDI0NzQ2MzY1NTU5Njk&sigh=efi115kfhHU&tpd=AGWhJmtddbCQyLfKVo6sYQXE2g_1S_pzBb-KBbeTm_lH9JRTrw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 22:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5B3 143 B
216 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&slotname=5237124785&adk=1481149068&adf=1980794720&pi=t.ma~as.5237124785&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1616453548593&bpp=21&bdt=188&idt=88&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3335478529674&frm=20&pv=2&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NBk0Cz0ook&p=https%3A//getmyofferscapitalone.xyz&dtd=108

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1749
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B5B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmf0blDUaRGDlkyKzuDMDwZkqdzEx8yThiKkTFVPXzsL2JdX4-B3NrLLULB7cc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 23:52:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6489 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7177b0b9e8635c7c5b7e248814156398e9760d59d4176ad92013f4545a5d8586

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6489 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 21:05:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 6398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 22 Mar 2022 21:05:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6489 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 518756
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4B5B 2 KB
969 B 41ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=3322168490&pi=t.aa~a.1365230754~i.24~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=1&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=dJlhsAUAkj&p=https%3A//getmyofferscapitalone.xyz&dtd=27

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:44:16 GMT
server: ESF
date: Mon, 22 Mar 2021 22:52:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3628 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 4B5B 1 KB
980 B 34ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:45:34 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 4B5B 17 KB
7 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:49:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 4B5B 2 KB
1 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:47:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B5B 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 4B5B 12 KB
5 KB 30ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:50:35 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 4B5B 25 KB
11 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 389849
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 4B5B
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=288156249&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
505 B

96ms
31ms

Fetch
image/gif

104.75.89.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-89-51.deploy.static.akamaitechnologies.com

Software

envoy /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: MISS from include-cache-1:80
x-ebay-pop-id: UFES2-SYD-irstatic-1
x-envoy-upstream-service-time: 262
content-length: 57
x-xss-protection: 1; mode=block
server: envoy
date: Mon, 22 Mar 2021 22:52:30 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9vjdq%60uebwh*5kkvq%28rbpv6770-17569c27810-0xce
access-control-allow-headers: *
expires: Tue, 22 Mar 2022 22:52:30 GMT

Redirect headers

Date: Mon, 22 Mar 2021 22:52:29 GMT
Strict-Transport-Security: max-age=31536000
Location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Cache-Control: private,no-cache,no-store
RlogId: t6baubqsodf%3F%3Ckuvgcp%60tqjfc*i%7Drku%28rbpv670%3D-1785c23bfdb-0x233f
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B5B 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGIxIrB9ZYL2sNvm8lQf7ur7oD6_fw_NhzMfQ__0LtoHK5uUYEAEguJ2pdGCViriCyAegAe2DzcEDyAEJqQKSYiPtyQa0PqgDAcgDywSqBMABT9AnBp_KWMqmHRuoFSI6GjYlwMTiRQHdYKQn3DuoaNxQzITEDdhfB4tgNvFosx-AtN2XJO6i_I-KT9cGwu3e8glUMR9VuQ6ROg5-F9psB9u3FQmvzzHAro0gL5MxnsbU3ftnLvz9pT6vkKNOoO8c5hPocI16wcSlS28v7GoFGq0ZaGL-372TZZYI_j1duoX-kj2AlmykMyAx8a9S7mfptiZ0D4s9Kz2W2NbD2yLVQaBlZ_5CUjWD-2wlJXvC-YxbwAT2h7f7wQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-_uyPqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQp-8S0ggJCIDhgBAQARgfgAoByAsB2BMLiBQFmBYBshcaChgIABIUcHViLTQ0NDI0NzQ2MzY1NTU5Njk&sigh=m73vV1JL1jg&template_id=494&tpd=AGWhJmuv8hP9-VwCPBpW2yiIrCmKwKdLFxWDkLJ6XQQIdDhA4A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=3322168490&pi=t.aa~a.1365230754~i.24~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=1&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280%2C1120x280&nras=4&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=4273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=dJlhsAUAkj&p=https%3A//getmyofferscapitalone.xyz&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 22:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4B5B 11 KB
11 KB 33ms
11ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQstjRXdTPoXHYTCS9DiUnTxj0WN3W55_qPWFiJilQL1WshkS4SvLM2VAMppr0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f96410b7a78e2717c48cdde57aed15f0957019a541e942aa4ee1d4053514ef74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:24:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 13:55:15 GMT
server: sffe
age: 296872
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:24:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4B5B 18 KB
19 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRQtVpHORRD7bk7RjGw6Ef0Go62qOk1NpiCxWuXDxqibpeiCW_thZi4rMvECg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98cbb698f7be44bc0156a61bf7a9422dcd359def34edc04529b934c3303dcfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:54:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Apr 2019 04:51:54 GMT
server: sffe
age: 442709
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18755
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:54:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4B5B 15 KB
15 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRMKufbx_EP6bEGF2rH59dXfYyhm3CYetFN-_ceclGWqiWkKQfnJyTn0zvQ2A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72024a3b6525e198692ee893729150367925e7a0a762dc03096d64639691a724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:08:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 17:14:54 GMT
server: sffe
age: 359062
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15184
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:08:07 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4B5B 23 KB
24 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQVzn8j-rx1xWZEnC4s5pLoKorifBGranD6URNJlDiyG5HBSqx4XV2hthEXPvM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f92d69b057b9f6192b3b430395e3b8e8eb1746fb2b944e1d53784bfa3beda579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:26:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 02:31:08 GMT
server: sffe
age: 217564
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23990
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:26:25 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4B5B 22 KB
22 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRVUXyWNlnzJF-eFhWtnU4HUtXVCrcIQyQ5yVz9eETlax8uOuGzuvg5elpYgpc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5cede7185dbdb2a96b248d88b1bb024ea71155404ec8d884172d8fe7cac239e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:04:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 Aug 2020 10:52:52 GMT
server: sffe
age: 406099
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22506
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:04:10 GMT

GET
H3-Q050

200

6037977029595278777
tpc.googlesyndication.com/simgad/ Frame 4B5B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPuoCdLhCwCRisAjIIDwAhueo-8IU
https://tpc.googlesyndication.com/simgad/6037977029595278777

148 KB
148 KB

7ms
7ms

Image
image/png

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6037977029595278777

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd127d352968353a32ac7851343015c73cae54a4a6a855a42ecae4889b435242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:19:55 GMT
x-content-type-options: nosniff
age: 430354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151821
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 23:23:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 23:19:55 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 19:41:28 GMT
x-content-type-options: nosniff
server: cafe
age: 11461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6037977029595278777
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Apr 2021 19:41:28 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72AD 1 KB
854 B 8ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 70700
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4B5B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6f1fce604f49a2a1553ed21ce3e43d23a712fbc685952ef8687095b1285eef8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 4B5B 20 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 21:05:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 6397
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Tue, 22 Mar 2022 21:05:52 GMT

GET
H3-Q050 200 86645057ba4817bae9835c203c8960c4.js Show response
www.gstatic.com/mysidia/ Frame 48DF 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86645057ba4817bae9835c203c8960c4.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 11:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 387039
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2784
x-xss-protection: 0
expires: Wed, 16 Jun 2021 11:21:50 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 48DF 3 KB
600 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:42:44 GMT
server: ESF
date: Mon, 22 Mar 2021 22:52:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 0213 4 KB
639 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:46:00 GMT
server: ESF
date: Mon, 22 Mar 2021 22:52:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 3aa3fb99195f3894d7dec54cc5b479a1.js Show response
www.gstatic.com/mysidia/ Frame 48DF 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:49:38 GMT
server: sffe
age: 544799
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Mon, 14 Jun 2021 15:32:30 GMT

GET
H3-Q050 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/spam_signals/ Frame 48DF 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ac2a84edd7b8ec119d4edb1171dba25189ad3f5a223c0c3292481e1d805e52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 21:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2856
x-xss-protection: 0
server: cafe
etag: 3990243853910081088
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 21:38:10 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 48DF 1 KB
910 B 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:45:34 GMT

GET
H3-Q050 200 6248eab49cfd09ff78cd9d1acc91b01c.js Show response
www.gstatic.com/mysidia/ Frame 48DF 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6248eab49cfd09ff78cd9d1acc91b01c.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 16615
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Sun, 20 Jun 2021 18:15:34 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 48DF 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:49:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 48DF 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:47:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48DF 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 48DF 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:50:35 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 48DF 25 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 389849
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0213 1 KB
910 B 8ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:45:34 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 0213 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:49:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0213 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:47:51 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0213 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 0213 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:50:35 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 0213 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 389849
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0213 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cift5rB9ZYJz4Nfae7_UP0NO58AKx44noYdXg2rPrDP-Dx46UDhABILidqXRglYq4gsgHoAHB1dniAsgBAakCvIU2uv2tTD6oAwHIA8sEqgTFAU_Q2ULuSUmL8eTVn0c_YItEJK6vBirn7V-LVx0uYUv0o0_md-TZJAQqAg6ZsY1jXrNh2CWk6mXJr9XPYUWqaEB48SwtspsuvzeGZw4XGGldrifFH-F4SnRmok4pmFesKntRqs-Wy8Bc5Lmv81WM0N-f1EIKJzlrBHZ0aki-rALt4rTC4BePLPxjohG7VCC-1OBkCnTldSlKCTFMZidple0WRKf7Kb2e6wD1e-9VVdF7jRQrMNFi_BNI5iyNxXuzizHpAxL0wASn1YuBuQOSBQQIBBgBkgUECAUYBIAHp6qmnQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQzOA50ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTQ0NDI0NzQ2MzY1NTU5Njk&sigh=T1ZM0byGvnw&tpd=AGWhJmtkdNyBvZFoTnnOlJCQ7trqMhxVVzgCsQMaMSaYmfgukg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 22:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0EE 143 B
165 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1749
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 67D6 1 KB
750 B 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 70700
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 72AD 35 B
463 B 24ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJEQIgST4B2iEvI_wGQe06U&google_cver=1&google_push=AQvitUJLc5pfM05eBlpqU0CrK_8ZSQEeH_d9yQnsq54zl2dxZQGk-r_CZ__NL5k8RbsUI9ghRJh_rxtS0sIbZpMMw7Hiq8WIk2Ht

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKr...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZrZnJRQUFCZUpYNGlIYQ&google_push=AQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKrn79q1JvbOagOtmGDOH6gkYO3TnAdR5SzsWgxaFpc_KnC9-bGyhi0RFE-F

170 B
190 B

118ms
67ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZrZnJRQUFCZUpYNGlIYQ&google_push=AQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKrn79q1JvbOagOtmGDOH6gkYO3TnAdR5SzsWgxaFpc_KnC9-bGyhi0RFE-F

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUZrZnJRQUFCZUpYNGlIYQ&google_push=AQvitUKtIPtMyWRRdsr5zo60w0nEPQTVAj-YPUlBjKrn79q1JvbOagOtmGDOH6gkYO3TnAdR5SzsWgxaFpc_KnC9-bGyhi0RFE-F
Date: Mon, 22 Mar 2021 22:52:29 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIm-ik3...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIm-ik3...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjIyMjUyMzA1NTIxMTg4MTI5ODgyOQ%3D%3D&google_push=AQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToa...

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjIyMjUyMzA1NTIxMTg4MTI5ODgyOQ%3D%3D&google_push=AQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToakhOGLHbBC4Fwjb1hhDBXFrb-ZhNHs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMjIyMjUyMzA1NTIxMTg4MTI5ODgyOQ%3D%3D&google_push=AQvitUIm-ik3salNxxI8MA9LgmCJGQg9lgLwDpYQ4SROdRCWRh6hwft_QyffjBTEzCgToakhOGLHbBC4Fwjb1hhDBXFrb-ZhNHs
Pragma: no-cache
Date: Mon, 22 Mar 2021 22:52:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDkyICfSTfNW3ZHaTgiS378&google_cver=1&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M
https://rtb.openx.net/sync/dds?google_gid=CAESEDkyICfSTfNW3ZHaTgiS378&google_cver=1&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIZez_aeka9-a1HwnrCbCrxV0vWlCAS--e0jsuXkwcrC0QJqKgIOzlrR__xBBFDQf79rkkmHuPF2MTjRm80Ol2TTVy1O5M&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 10sg61uuc0gh64tbtii458ahq149g4nu

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJDUrnAOTuK5Rwc7wIgxzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

83ms
67ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJDUrnAOTuK5Rwc7wIgxzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJVZquWok_u8ND5HoEjZ5EfASKuJnSw3ctXudfH-pdpjtHx_Dz062-Wu5lAV5rQkwKJRCO3X_eOcX2Hn5Agvv5FAXhJ1ZH1

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xJDUrnAOTuK5Rwc7wIgxzw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJVZquWok_u8ND5HoEjZ5EfASKuJnSw3ctXudfH-pdpjtHx_Dz062-Wu5lAV5rQkwKJRCO3X_eOcX2Hn5Agvv5FAXhJ1ZH1
Date: Mon, 22 Mar 2021 22:52:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEGWJJZfjW2HgyepTjco2Pw&google_cver=1&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISDAtMVMtNjhTRQ==&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyFpAT2atD4WZSY_7OmYgWtwsHc

170 B
287 B

117ms
66ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISDAtMVMtNjhTRQ==&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyFpAT2atD4WZSY_7OmYgWtwsHc

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISDAtMVMtNjhTRQ==&google_push=AQvitUJaAir_puqCsiKaSYRMaRrEOM8rdaQMkE7-ldtWG7jdUhuy-0oJMPlqPx6lvwzDC4TMFyFpAT2atD4WZSY_7OmYgWtwsHc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 72AD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq...

170 B
190 B

54ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq69WJ8si0qxHChBNpjtv35mExPgVe-08GsjNL3DZhdzmSkOcjd&google_cver=1

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:52:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAkVLVKYHno8V3gCwKhR7x0&google_push=AQvitULoPBD_3iyGHrG2M6Dx1ajgHTGzEgR8dRNeDrprMxzabjq69WJ8si0qxHChBNpjtv35mExPgVe-08GsjNL3DZhdzmSkOcjd&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 72AD 0
236 B 116ms
41ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6oeqboyq2lsd7a0t1vAotRJdv0gWxhOpq7CYUBKowLS-NYQhNyqVQafw8kVy59P8XvnBE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 48DF 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQtMKrB9ZYMvqNb-u7_UP4MW6-Aqx44noYdXg2rPrDMD929GQDhABILidqXRglYq4gsgHoAHB1dniAsgBAakCvIU2uv2tTD6oAwHIA8sEqgTLAU_QFBhAJJ4zJTuwXbGSLqKWlPNSowaxTPIvI1DCsz7i4LBwl5mRJdy46Na9Isa7XvopMe73Rd0r9uR6ofWcdApU93_yq2MYVqnjxOOmcyBsa1LV_Dr1XU8GHHHNb-ufIz2arrwBcmQFceKZiGpppm-9j9is9pv1HztyzTo1yij2nv1aN_rFQNJSMpoqgiTo6z-cW8CETfE5cqbnW25dcjKDkcBHfst6AZVXnVNpU8XndIckii1Fm6UgbHL4dRKc-Oyec4EOh3VdAFvPwASn1YuBuQOSBQQIBBgBkgUECAUYBIAHp6qmnQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ47420ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTQ0NDI0NzQ2MzY1NTU5Njk&sigh=A92udZlZzpg&tpd=AGWhJmvOOdBRsaM66y1y8amyhUbnVAM2w36HXZbIiT0BX46tWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 22 Mar 2021 22:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5621 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 502D 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1749
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 059A 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 70700
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 48DF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf39168722cb534f550f2e6e3e64b6157041c4cbe226236a350844afabd82a29

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0213 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3137ac22e52b4b3a40857f5effbd69a101114810d8691a42a1df5edb2f1c97b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0213 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 21:05:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 6398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 22 Mar 2022 21:05:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0213 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 518756
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:46:33 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DF 0
111 B 39ms
39ms Other
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChgIASoUYmFubmVyLWxhcmdlLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEAMhAAB0PQpeiEAwBAoNEAohAAAAnUchM0AwBAoNEA0hAAAAAEi3jj8wBAoOEB4qCDExMjB4MjgwMAQKDhAZKggxMTIweDI4MDAECg0QDiEAAAAAMHqEPzAECg0QECEAAAAAQLnXQDAECg0QESEAAAAAgI_OQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAAQDAECg0QBCEAAFDgev-IQDAECg0QDyEAAAAAPLmOPzAECg0QFCEAAAAAgLvPQDAECg0QFSEAAAAAAAAcQDAECg0QFiEAAAAAAAAIQDAECg0QBSEAACitRwGJQDAECg0QFyEAADzqUSeKQDAEEhpDTXZ3enR6LXhPOENGVF9YdXdnZDRLSU9ydyIQdGV4dC92YW5pbGxhX3JkYSgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 67D6 35 B
210 B 9ms
7ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIPldLZnwEKZZSp9DmLx6Uo&google_cver=1&google_push=AQvitUIlUJo3Nv9gf7Wa8V9DJZQ7VNNGZ82-x50cP7PSyNI209mnVJWC6UBSET1GxLsJOLaDDQ3MJPY1_pM1E-TnntbifUyXQyU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 67D6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJmlkpv14XoAU6YUKblDu9Q&google_cver=1&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIYGD-nhSebh5rAWWpZSBvh-7h6Qos3boc9KsOnXGsnSeozIO88tniqLIuFbmDH8NSehkH2cPZaGDtKi1adE3ZseRfb0iQ&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: n7rcs93e0npmaftdum1evpu69a4ecig1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 67D6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EEExcmWHTNCEHEr3nBUmbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

52ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EEExcmWHTNCEHEr3nBUmbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULxc8CVtVyKJaJxGsQNNI9v4X6_eGmtkr4pC3fRdAFogUKmDqHZdlEpcv3xW_-kxiEygaN6hp32bEejkUtRc_lfYGHLalDm

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EEExcmWHTNCEHEr3nBUmbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULxc8CVtVyKJaJxGsQNNI9v4X6_eGmtkr4pC3fRdAFogUKmDqHZdlEpcv3xW_-kxiEygaN6hp32bEejkUtRc_lfYGHLalDm
Date: Mon, 22 Mar 2021 22:52:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 67D6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGjooayaihEOIkU8s6xyQZk&google_cver=1&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISlMtMTgtSlJKQQ==&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK8dscMT5fxhLOklQ7B-KKW3OV6

170 B
190 B

54ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISlMtMTgtSlJKQQ==&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK8dscMT5fxhLOklQ7B-KKW3OV6

Requested by

Host: getmyofferscapitalone.xyz
URL: https://getmyofferscapitalone.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBISlMtMTgtSlJKQQ==&google_push=AQvitUI29-XJkVlSfC9HPxcYnBf_OH9kSGBmpOAR7xb39DuNAa3Wr40NBP24FbmxxmP4Q7XIsuK8dscMT5fxhLOklQ7B-KKW3OV6
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 67D6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_push=AQvitUICYJNkMRZWG83qK2RPDXOGIXKXCTVrNcAUg25h-ulbC2B...

170 B
213 B

53ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_push=AQvitUICYJNkMRZWG83qK2RPDXOGIXKXCTVrNcAUg25h-ulbC2BAA9IguWGBOw9K7dFZ3eoQKeUYbWwypvXDHuVsnTQcpJghmAoA&google_cver=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:52:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEA2fyA3TBwKsRLEkTdvOu7Q&google_push=AQvitUICYJNkMRZWG83qK2RPDXOGIXKXCTVrNcAUg25h-ulbC2BAA9IguWGBOw9K7dFZ3eoQKeUYbWwypvXDHuVsnTQcpJghmAoA&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 67D6 43 B
296 B 64ms
19ms Image
image/gif 2a05:d01c:1d8:8102:73b:46ad:270f:ab37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENEpiklMtoq8PreOAJEa88Y&google_cver=1&google_push=AQvitUK68h2K5tql8z_DRnGSd08o4Pvqcy0zV1ucWyn3Su-mvPqRruPWZUCq0YP9prEEkU3tV13zUPakATAlQ1-cp6QKQ0xyITXt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:73b:46ad:270f:ab37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 67D6
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHM0pwm2J7zxp3cjYQO8Vis&google_cver=1&google_push=AQvitUIungBWyBg6T4em8k3X...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIungBWyBg6T4em8k3XQcLOWhEg6D6TGDRD27hBl8YkDiwMll929zpAg4YR3FcOwyTkkolhn2KBLqVLfLZqhwp-ScVUwys2qQ&google_hm=

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIungBWyBg6T4em8k3XQcLOWhEg6D6TGDRD27hBl8YkDiwMll929zpAg4YR3FcOwyTkkolhn2KBLqVLfLZqhwp-ScVUwys2qQ&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIungBWyBg6T4em8k3XQcLOWhEg6D6TGDRD27hBl8YkDiwMll929zpAg4YR3FcOwyTkkolhn2KBLqVLfLZqhwp-ScVUwys2qQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 21 Mar 2021 22:52:29 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 67D6 0
223 B 106ms
64ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jts5lviFY01JZfmgesO1rBc7Az3e5ug-Sqcyy6UoEVeLukVMi_XCv3_oW2wPBOnfIGGwwJbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A0EE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

22ms
22ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 23:52:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 48DF 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 554342
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 16 Mar 2022 12:53:27 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 48DF 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:29:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 321755
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 19 Mar 2022 05:29:54 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 179E 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=1282693343&pi=t.aa~a.1365230754~i.16~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=438&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0%2C1120x280&nras=3&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=CF90m7m3VR&p=https%3A//getmyofferscapitalone.xyz&dtd=23

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 059A 35 B
210 B 11ms
5ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELsElUM2kJuQSTNDyxy_zps&google_cver=1&google_push=AQvitUJu5xfPWZq4BVvqRhxx15vHfU9YtFeV7p8LV8FlNeYKf3fy82VB6ANzkZVhRtlqy-JrqF6TkvV6v4JsOaJYkIUyEUkzWms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULHfdWbsIzd30EeUxB3W60j1F-bcWuoY89572_TOrnTAWHnYWAkwx2mm3spEyAFZ_YUNHDFZG0VMJX4WlNovWLDtnbd89o&google_gid=CAESELeKAKwaPJs7Zq7SWi3YK6I&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK2_5IIGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVMSGZkV2JzSXpkMzBFZVV4QjNXNjBqMUYtYmNXdW9ZODk1NzJfVE9yblRBV0huWVdBa3d4Mm1tM3NwRXlBRlpfWVVOSERGWkcwVk1KWDRXbE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRk9NRFlYcDdIRi10NDBSYkg3b2NCanRxWUpQeHlobEpIVHYtcjZPNENERQ==&google_push

170 B
190 B

56ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRk9NRFlYcDdIRi10NDBSYkg3b2NCanRxWUpQeHlobEpIVHYtcjZPNENERQ==&google_push

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Mar 2021 22:52:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRk9NRFlYcDdIRi10NDBSYkg3b2NCanRxWUpQeHlobEpIVHYtcjZPNENERQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAdHG0G7-RA8vLgGdKcD6Go&google_cver=1&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKnG6ubw52u9uPXtFC_0ChdOXzIUOetcdmCGEHeS6_256Bz2yEaXJi5CCB1uPiPeoJhuC7vKGk5LhqVPHhdrpuhcx6KsD0&google_hm=Rk6OHzM4wMgPBCkCdq47JQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tneisnn5rnbj7bhjr1ne2ibg7g4ni67u

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5RYC6VzkQ6uzMeXRK2g4AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

52ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5RYC6VzkQ6uzMeXRK2g4AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJkakE1x6V2sAFcHOfjHUUZ0pGKCpwnoJfTJEyHBdW39ta66ZRTShRXJ-WPLPbprorjvUUp8MGIJxJBGQWZYEgPP_PTrDQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5RYC6VzkQ6uzMeXRK2g4AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJkakE1x6V2sAFcHOfjHUUZ0pGKCpwnoJfTJEyHBdW39ta66ZRTShRXJ-WPLPbprorjvUUp8MGIJxJBGQWZYEgPP_PTrDQ
Date: Mon, 22 Mar 2021 22:52:29 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGnXWfJi_n8J7G-bHKzMsJg&google_cver=1&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBITUUtMUgtSEhXMg==&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhFzVgRf4EaSZ86_olZl0HE7Gs0

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBITUUtMUgtSEhXMg==&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhFzVgRf4EaSZ86_olZl0HE7Gs0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01MNlBITUUtMUgtSEhXMg==&google_push=AQvitUKyQxgACgvnlOUxWs6-fYq-7UrmqB5L4HGZvLTBIxGgpQtXWNZpIZemtmifZEgdNGpEmhFzVgRf4EaSZ86_olZl0HE7Gs0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&google_push=AQvitUJ1sbLM1F37VHPXskaVu3BHfVFTgYRO4...

170 B
190 B

52ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&google_push=AQvitUJ1sbLM1F37VHPXskaVu3BHfVFTgYRO4eVv7PDleP7q5SrVHgM6Tsmf9ZeWpZ-KOJE34oZEtg7-lCrgUdsrY8jw7Hm8H1o

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:52:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFkfrXs39rSCdwP5Q-yZkwAAAp0AAAAB&google_gid=CAESEAjlxU78Lvf-1pkKW-X7n5o&google_cver=1&google_push=AQvitUJ1sbLM1F37VHPXskaVu3BHfVFTgYRO4eVv7PDleP7q5SrVHgM6Tsmf9ZeWpZ-KOJE34oZEtg7-lCrgUdsrY8jw7Hm8H1o
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Mon, 22 Mar 2021 22:52:29 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 059A
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO5aowVfk2k6Ai6Lh9QzbDY&google_cver=1&google_push=AQvitUL0kgum9rZfyjzqRthM...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL0kgum9rZfyjzqRthMzyeP2_2VZbTyglMBeovdsaFjTWkU8VzboLLV3ytqwZ-UawTjStOFhdzkYOTGzgvToydR5KdgxYo&google_hm=

170 B
190 B

52ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL0kgum9rZfyjzqRthMzyeP2_2VZbTyglMBeovdsaFjTWkU8VzboLLV3ytqwZ-UawTjStOFhdzkYOTGzgvToydR5KdgxYo&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:29 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUL0kgum9rZfyjzqRthMzyeP2_2VZbTyglMBeovdsaFjTWkU8VzboLLV3ytqwZ-UawTjStOFhdzkYOTGzgvToydR5KdgxYo&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sun, 21 Mar 2021 22:52:29 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 059A 0
16 B 89ms
65ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDAhNFd3jyvrjZcnEzANTGaZOVxHnog-2oSLuu3T1nOOoGqrIf3BBkxcaeivJcEkaIHunpQQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 502D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 23:52:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:52:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:52:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a533a1e1c62ddb16f67c454e3832bc5cb0bbcffe0736a6f39865b9cb5530be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6506
x-xss-protection: 0

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2428 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4442474636555969&output=html&h=280&adk=180806639&adf=485688124&pi=t.aa~a.1365230754~i.5~rp.4&w=1120&fwrn=4&fwrnh=100&lmt=1616450413&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6635157773&psa=0&ad_type=text_image&format=1120x280&url=https%3A%2F%2Fgetmyofferscapitalone.xyz%2F&flash=0&fwr=0&pra=3&rh=200&rw=1120&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1616453548844&bpp=1&bdt=439&idt=-M&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1120x280%2C0x0&nras=2&correlator=3335478529674&frm=20&pv=1&ga_vid=1825402416.1616453549&ga_sid=1616453549&ga_hid=1051193970&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737458%2C44739387&oid=3&pvsid=2774470605614073&rx=0&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=VvzpFT12qv&p=https%3A//getmyofferscapitalone.xyz&dtd=18

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:52:30 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DF 0
46 B 39ms
39ms Other
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChgIASoUYmFubmVyLWxhcmdlLXZhbmlsbGEKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBghAAAu61G7kEAwBBIaQ012d3p0ei14TzhDRlRfWHV3Z2Q0S0lPcnciEHRleHQvdmFuaWxsYV9yZGEoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9340 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getmyofferscapitalone.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getmyofferscapitalone.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1716
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9340 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 99541
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=2774470605614073&bg=!bm2lbSnNAAbUo7L91KM7ACkAdvg8WlJn9UyxJj3DQfeD_ueHXGZIx5p5KJh0tSQ1YHf_34VE9E_dVgIAAABSUgAAAAxoAQcKAXIOBIvU2vPonpneEbsTRkowJAoiZg-6nkPeeIDP37aIR61oXVBLcFGQ3pRipGHOh44fdd8jdSwrtTx491RHOTdX6qFb9frCTvZYgcU4j7Jx5LkIF-r3zmd32-jDydUUfuu3Ob7lvnkq3rw_DXtmHkYg6q5QPKkLs17Ub3E3vKYqCEzqmksrRrUSz87y3BY8XXcUTz3hSOakI9wCE_uy6ox2N4fqH1cJj5MdNlGNfSb-3VjHCw8gR5o5lebAXCsmrz4yLJ9lnFuxBv5HGJoFrzu6HVSOMBs5jyJ5ZjHRrvcWGW_RUHsa988m3b0tcSvIoSWSmZkGw61sa7PD6q7FOMMwnywspqIujKwie5QQiC6VZw2sXcVK9WkThUxVIokCypmKmCm5t6hYNl42SNe1k99_7jtNsXTZVs64AIApsXD5VAMO8KYOhomafQwd_R9v54pKJlZ5LqkfegUVXtO-_UsLmOyROt69rOUXUaZB0xH7agBqmQHXmq0LpOXK-wsjjrIVLRt909m-zVSZGfB9g4Slkc7jJd84pO97X9BowZtTtfEywr30TGjm1TcWdnCX8wSvhCGXUaBnvG8kYJ0q8slnpW8abMhrdphPb87FvkxI0qGCxgzODZHV-HfQahMPgZgn9p3aWt7OddwuBU1MN6b69fk0t16_WhOVW4KnVymByVL3UsO6XGx9VRRSOqVGZEWA6pdH5qUSZkvjWBekM-nm0ioxtNVbQI4PlWLc5mCHAXDMkkD98oA7EXov0sEGsLk520kDQ6HCq5EasthjLjY7ePuFpWxErImjskBkEQ6883z9WKz3s8mD-rBufm3GDE5QA1221Q7gOiiVZWGVgl5J7qNIHQA9RY46vQyshn_Z1QiPXL7ALr29tLXp5Vb1qeq7dUywJoKhwiQuGlgLqHcZkRYwL1OIjN9RjeyR9PaN56cVhW_x3hbIBJOULqF7gMIViNLOUn_bR2xmf-vyJWrBqQD2W88nZQYFOLyC9hiDuMwBPn42YIr0xd-gZo0CicvBnfMOmIWsk0TJpfJqVlBUfyyc9GKPwDsIrfUTWKtasdE1slRSnykZ6DpkXL40rKSTC8hZ9h8gnsfAMeYrf58rr2q6pgEWoDDwj8MW

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getmyofferscapitalone.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6489 42 B
155 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTxCyyjGAYMtMQ0mszOmQO7xsXZ9HOmP8kLGeeRFp7lozgM6Olz1N0jlBw5KDQMOm2BoU-ehWVbc6xUeFR_8qJTAqRkrdwme94HhuY0G-r109_poaC3naJfUgTcw&sai=AMfl-YTyL4KQQEC5zlnbntlQ0t5rmLK4wScv7pgZTrGUVmmBNWnDNGeFVN6Sj9WFkpCZ2K8WQ98r6HyUAPhT&sig=Cg0ArKJSzGqZhLxZzBGIEAE&id=osdim&mcvt=1000&p=346,240,626,1360&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1481149068&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1616453548707&dlt=609&rpt=79&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:52:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:22:29	Name: IDE Value: AHWqTUkzPTJmL-q4GQXfifv8Mz7llze9rBMorPf0ske7Gq3S6d3ofXDkskfjpnml8L4
.doubleclick.net/	1970-01-19 17:00:57	Name: DSID Value: NO_DATA
.getmyofferscapitalone.xyz/	1970-01-20 02:22:29	Name: __gads Value: ID=0b21ffbf28f38e2d-22b9677ddaba001e:T=1616453548:RT=1616453548:S=ALNI_MZjBj9ZZMXqonuB3kHROTQuW0N_lg
getmyofferscapitalone.xyz/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.getmyofferscapitalone.xyz/	1970-01-19 17:44:05	Name: __cfduid Value: d6c64112bd5c0418ec29bda00699d53e61616453547

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
getmyofferscapitalone.xyz
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
secureir.ebaystatic.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.ebayadservices.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.75.89.51
142.250.185.226
142.250.185.66
185.64.189.115
209.140.149.182
23.218.208.246
2606:4700:3032::ac43:a522
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a05:d01c:1d8:8102:73b:46ad:270f:ab37
34.246.227.69
35.227.252.103
35.244.174.68
52.35.2.64
69.173.144.138
79.137.69.120
08edc33bb9aaa1e665e479c31045a5637e0cbc6acd553c0a60d6d47e38252388
0ac2a84edd7b8ec119d4edb1171dba25189ad3f5a223c0c3292481e1d805e52d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1200585f66a1b562fc3334093e6fd3eeea10d36ac12c2e92d393d1acc4932b7b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1f6036b1a0ba2aa1cf3452df8df265254fbe1879a618807630626fe93dbe8aef
1fadc8c8514d8b5b2f3da0b3fd4591ab686658854094ad1103b4ec6ab521ee6e
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2dd8edcee33def641b3efd238070357e14c46819e894174efbd7f89c6624a1ad
2f406d135b969868ad1d2f2d3cda82d2d2971f81e2542d61268f71d4c44ce8b7
3137ac22e52b4b3a40857f5effbd69a101114810d8691a42a1df5edb2f1c97b4
3489f6ce8b65ffd2e8a5281d42c6956b6c57717fddf7a8a4e42df72fb2265b12
393c0a39f41e5b14bdc33e5f5093a0d3ee0fb50eb4043d35e8a1995b5d2dd371
3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
627578f4ad789b3d67e60118bec907d2289506b11f023f4e37e857d8468b37e0
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
7177b0b9e8635c7c5b7e248814156398e9760d59d4176ad92013f4545a5d8586
72024a3b6525e198692ee893729150367925e7a0a762dc03096d64639691a724
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
83c4bd3c2367c24f39ed0067061f04dbe556fe213849d1226b1862faa09cfc5e
86cd1f2588eedf1bd804a6ebb6bd2dab3a5836386719691074aa6d26ce52dc4d
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
98cbb698f7be44bc0156a61bf7a9422dcd359def34edc04529b934c3303dcfcd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a533a1e1c62ddb16f67c454e3832bc5cb0bbcffe0736a6f39865b9cb5530be3e
aa388a51fe3addb4ba88cb62bcc412cfce9417210198fbb269a1d1ac75e490ab
acf59c95a1be12022cd50aa90fe1ff0b5840bde9109e63b3bd5d77b908881e17
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd4e8185b08a27a7c082dba5b7d6830198c73eb47a514d560395a5f65e1eb9b5
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c5cede7185dbdb2a96b248d88b1bb024ea71155404ec8d884172d8fe7cac239e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
cd127d352968353a32ac7851343015c73cae54a4a6a855a42ecae4889b435242
cf39168722cb534f550f2e6e3e64b6157041c4cbe226236a350844afabd82a29
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d8da9920e582b9d8bc54f6ca7d28fe436cbf073249dc54edf6ab2596fead5f67
ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1fce604f49a2a1553ed21ce3e43d23a712fbc685952ef8687095b1285eef8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f92d69b057b9f6192b3b430395e3b8e8eb1746fb2b944e1d53784bfa3beda579
f96410b7a78e2717c48cdde57aed15f0957019a541e942aa4ee1d4053514ef74
fd58bd9da0c17973b1dce5d97f9e1728544857ba98be3a4a5f719da7a3947142

getmyofferscapitalone.xyz Open in urlscan Pro 2606:4700:3032::ac43:a522 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

100 %HTTPS

57 %IPv6

21 Domains

29 Subdomains

19 IPs

5 Countries

1114 kBTransfer

2442 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

getmyofferscapitalone.xyz Open in urlscan Pro
2606:4700:3032::ac43:a522 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

100 %
HTTPS

57 %
IPv6

21
Domains

29
Subdomains

19
IPs

5
Countries

1114 kB
Transfer

2442 kB
Size

5
Cookies

115 HTTP transactions
8 data transactions