kozow.com.getstat.site Open in urlscan Pro
144.217.167.229 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kozow.com.getstat.site/
Submission Tags: @phish_report
Submission: On January 18 via api (January 18th 2024, 7:57:25 am UTC) from FI — Scanned from CA

Summary HTTP 106 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 106 HTTP transactions. The main IP is 144.217.167.229, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is kozow.com.getstat.site.

This is the only time kozow.com.getstat.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	144.217.167.229 144.217.167.229	16276 (OVH) (OVH)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1 6	2606:4700:303... 2606:4700:3030::ac43:d611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c19::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
39	2606:4700:303... 2606:4700:3037::ac43:b0a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4004:c19::84	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::67	15169 (GOOGLE) (GOOGLE)
106	15

1 144.217.167.229 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: 229.ip-144-217-167.net

kozow.com.getstat.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::ac43:d611 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.getstat.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.getstat.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:3037::ac43:b0a4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	bidbrain.app cdn.bidbrain.app — Cisco Umbrella Rank: 19978 g.bidbrain.app — Cisco Umbrella Rank: 18798	1 MB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	364 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	116 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	456 KB
7	getstat.site 1 redirects kozow.com.getstat.site cdn.getstat.site img.getstat.site	17 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	133 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	49 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	24 KB
106	11

	Domain	Requested by
28	cdn.bidbrain.app	googleads.g.doubleclick.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com kozow.com.getstat.site
11	g.bidbrain.app	kozow.com.getstat.site cdn.bidbrain.app
10	pagead2.googlesyndication.com	kozow.com.getstat.site pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	www.googletagservices.com	googleads.g.doubleclick.net
5	cdn.getstat.site	1 redirects kozow.com.getstat.site
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	kozow.com.getstat.site www.google-analytics.com
2	cdn.jsdelivr.net	kozow.com.getstat.site
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	img.getstat.site	kozow.com.getstat.site
1	code.jquery.com	kozow.com.getstat.site
1	kozow.com.getstat.site
106	16

This site contains links to these domains. Also see Links.

Domain
www.getstat.site
medincorbogota.com.getstat.site
universalrecordsforum.com.getstat.site
kharbarbukan.ir.getstat.site
bonheurwatch.com.getstat.site
tieraerztin-ruf.de.getstat.site
himilomedia.com.getstat.site
prerto.com.getstat.site
kyledyerstorytelling.com.getstat.site
jomfb.com.getstat.site
kujico.jp.getstat.site
unilever.com.getstat.site
ravishment.net.getstat.site
pagina16.com.ar.getstat.site
philippedouale.com.getstat.site
loafwallet.org.getstat.site
wohnungslos-in-koeln.de.getstat.site
susqcolibrary.org.getstat.site
mrogp2001.weebly.com.getstat.site
toogoodwinery.com.getstat.site
imsono.com.br.getstat.site
bandendeconde.be.getstat.site
theamericanroadtripcompany.co.uk.getstat.site
mylasik250.com.getstat.site
hilo.de.getstat.site
wooten-law.com.getstat.site
movrc.org.getstat.site
mulhernua.br.com.getstat.site
theresourcefulceo.com.getstat.site
klerycymsf.pl.getstat.site
hammock-project.github.io.getstat.site

Subject Issuer	Validity	Valid
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
getstat.site E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
bidbrain.app E1	`2023-12-31` - `2024-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://kozow.com.getstat.site/
Frame ID: AC4A9BD9230615DA1555A4E1F2144B63
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Frame ID: FB1FE42334B3F70C83A036CA71058646
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: 49EFB9AC7DF26FDE06491111849484E9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Frame ID: 586F07858CE5AF0EC4FB401F309E0B62
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Frame ID: 547D597226627689084870F07BA74CF0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=7804916091&adk=66440164&adf=1525029410&pi=t.ma~as.7804916091&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640139&bpp=1&bdt=1148&idt=319&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=321
Frame ID: 81F7083E622E0F42D4937A99A4F2FD71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&adk=1812271804&adf=3025194257&lmt=1705564640&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fkozow.com.getstat.site%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705564640154&bpp=1&bdt=1163&idt=308&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280%2C1110x280&nras=1&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=318
Frame ID: 4A04A89EA3AEAA678043713981A0B806
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 489A4C419482CC0652F564718F0B604E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 399D672B0F0D4249AE3E8484C2DDE7D9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F612205E71BE83B53086DA9176263778
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EF2DC5156D5DD42ED6F415132671800A
Requests: 13 HTTP requests in this frame

Frame: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Frame ID: EFA1EDFCD6B7EC288758487A654D72C2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05565F3E10B1CD92D22AFBFD0B435FB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2236F133DE5F529726FFE7E0B49FC670
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

▷ :

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

98 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2344 kB
Transfer

5385 kB
Size

9
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://www.getstat.site/

Search URL Search Domain Scan URL

URL: https://medincorbogota.com.getstat.site/
Title: medincorbogota.com

Search URL Search Domain Scan URL

URL: https://universalrecordsforum.com.getstat.site/
Title: universalrecordsforum.com

Search URL Search Domain Scan URL

URL: https://kharbarbukan.ir.getstat.site/
Title: kharbarbukan.ir

Search URL Search Domain Scan URL

URL: https://bonheurwatch.com.getstat.site/
Title: bonheurwatch.com

Search URL Search Domain Scan URL

URL: https://tieraerztin-ruf.de.getstat.site/
Title: tieraerztin-ruf.de

Search URL Search Domain Scan URL

URL: https://himilomedia.com.getstat.site/
Title: himilomedia.com

Search URL Search Domain Scan URL

URL: https://prerto.com.getstat.site/
Title: prerto.com

Search URL Search Domain Scan URL

URL: https://kyledyerstorytelling.com.getstat.site/
Title: kyledyerstorytelling.com

Search URL Search Domain Scan URL

URL: https://jomfb.com.getstat.site/
Title: jomfb.com

Search URL Search Domain Scan URL

URL: https://kujico.jp.getstat.site/
Title: kujico.jp

Search URL Search Domain Scan URL

URL: https://unilever.com.getstat.site/
Title: unilever.com

Search URL Search Domain Scan URL

URL: https://ravishment.net.getstat.site/
Title: ravishment.net

Search URL Search Domain Scan URL

URL: https://pagina16.com.ar.getstat.site/
Title: pagina16.com.ar

Search URL Search Domain Scan URL

URL: https://philippedouale.com.getstat.site/
Title: philippedouale.com

Search URL Search Domain Scan URL

URL: https://loafwallet.org.getstat.site/
Title: loafwallet.org

Search URL Search Domain Scan URL

URL: https://wohnungslos-in-koeln.de.getstat.site/
Title: wohnungslos-in-koeln.de

Search URL Search Domain Scan URL

URL: https://susqcolibrary.org.getstat.site/
Title: susqcolibrary.org

Search URL Search Domain Scan URL

URL: https://mrogp2001.weebly.com.getstat.site/
Title: mrogp2001.weebly.com

Search URL Search Domain Scan URL

URL: https://toogoodwinery.com.getstat.site/
Title: toogoodwinery.com

Search URL Search Domain Scan URL

URL: https://imsono.com.br.getstat.site/
Title: imsono.com.br

Search URL Search Domain Scan URL

URL: https://bandendeconde.be.getstat.site/
Title: bandendeconde.be

Search URL Search Domain Scan URL

URL: https://theamericanroadtripcompany.co.uk.getstat.site/
Title: theamericanroadtripcompany.co.uk

Search URL Search Domain Scan URL

URL: https://mylasik250.com.getstat.site/
Title: mylasik250.com

Search URL Search Domain Scan URL

URL: https://hilo.de.getstat.site/
Title: hilo.de

Search URL Search Domain Scan URL

URL: https://wooten-law.com.getstat.site/
Title: wooten-law.com

Search URL Search Domain Scan URL

URL: https://movrc.org.getstat.site/
Title: movrc.org

Search URL Search Domain Scan URL

URL: https://mulhernua.br.com.getstat.site/
Title: mulhernua.br.com

Search URL Search Domain Scan URL

URL: https://theresourcefulceo.com.getstat.site/
Title: theresourcefulceo.com

Search URL Search Domain Scan URL

URL: https://klerycymsf.pl.getstat.site/
Title: klerycymsf.pl

Search URL Search Domain Scan URL

URL: https://hammock-project.github.io.getstat.site/
Title: hammock-project.github.io

Search URL Search Domain Scan URL

URL: https://www.getstat.site/privacy
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://cdn.getstat.site/assets/logo.png HTTP 301
https://cdn.getstat.site/assets/logo.png

106 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kozow.com.getstat.site/ 16 KB
4 KB 365ms
316ms Document
text/html 144.217.167.229
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://kozow.com.getstat.site/
Protocol: HTTP/1.1
Server: 144.217.167.229 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: 229.ip-144-217-167.net
Software: nginx /
Resource Hash: b75407fc7aaf0ae6ab623f528a640324513783f7701a77b8e9707de8a239de38

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3896
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Jan 2024 07:57:18 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
26 KB 449ms
92ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kozow.com.getstat.site/
Origin: http://kozow.com.getstat.site
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 07:57:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25878351
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flag-icon.min.css
cdn.getstat.site/assets/css/ 33 KB
3 KB 460ms
101ms Stylesheet
text/css 2606:4700:3030::ac43:d611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getstat.site/assets/css/flag-icon.min.css
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 22:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4220724
etag: W/"5fa32906-84a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJVdpZsVTFZ9fDemjkGGp9wEgtiDq5I4QA%2FT9RyQJN6IHmSbcZu6tQCkoLtESy3JIHePPtRssebWKl%2Fay6f%2FmTxLKq8NmNghT%2BZPU9S%2FSjY9gpAckayLq6hTrtYMd1qhNqid8bgOjARyGY8CaykJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 847549543ed336be-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
cdn.getstat.site/assets/js/ 775 B
666 B 98ms
97ms Script
application/javascript 2606:4700:3030::ac43:d611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getstat.site/assets/js/scripts.js
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e318cfcd1437bbf677b48ca508909fd435b821559ba9ad6e987a1fea044dec

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 08 Jan 2023 11:40:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4297604
etag: W/"63baab9e-307"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSYrJ8qGYV8KQDF9%2BcbJF58DdQnS2eY%2BoU4QcHSz8YSP%2FKUh4%2FbYKadUh3caOTgOCP5nU3ORYDf59hCFLwYMv%2FQ%2B%2FNe%2Fxe%2BXZ0AlGrjKi13oDDW5CZy3hAON9uOPVAbCsGWOwLpeAi%2FUpl5LbQ54"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 847549552fbd36be-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

logo.png
cdn.getstat.site/assets/
Redirect Chain

http://cdn.getstat.site/assets/logo.png
https://cdn.getstat.site/assets/logo.png

5 KB
5 KB

97ms
97ms

Image
image/png

2606:4700:3030::ac43:d611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getstat.site/assets/logo.png
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Server: 2606:4700:3030::ac43:d611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9918f7e977602aaa5909e5c9211d106f25b7ca678b19d17395a0eac9cc171cd5

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061177
alt-svc: h3=":443"; ma=86400
content-length: 5193
last-modified: Sat, 19 Jun 2021 00:06:58 GMT
server: cloudflare
etag: "60cd3522-1449"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTEJZyNo9ougB0wMReJVy2CLV%2FY31cNP18Qb%2Fmm9C9SdvoZNw%2B6v0feWaJGQHkIIdNuJG1nb%2Fi3xJ%2BMlRCh6iSu5UKAGKWhC10DHSeY1pT8gXJzzkjLMoLkeqWBHkcpl0uKqKoCT6W1k05TTMPie"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 847549544ee336be-YYZ
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Thu, 18 Jan 2024 07:57:19 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dstjLi1N76dWmrr41MDhRY%2F7SH%2FNwm7wJS8sTCsKHAGTlnplOd%2BV8Esk5NZ0Ov4gA%2F8ojTQcy7eXKnvgabd8KoeBpE%2BPA5Jr8f7tBoi5W1NG43UHauejGO7h1B0FFu8%2F%2FKeJUoqDCQ4Quw8aGg95"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.getstat.site/assets/logo.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 84754953ae3336cd-YYZ
alt-svc: h3=":443"; ma=86400
Expires: Thu, 18 Jan 2024 08:57:19 GMT

GET
H2 200 Kozow.com.png
cdn.getstat.site/di/2558357261/ 2 KB
3 KB 482ms
123ms Image
image/x-png 2606:4700:3030::ac43:d611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.getstat.site/di/2558357261/Kozow.com.png
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b97714c51cc071c5fda0cf4e779a07cfdd8fcfeb53346980f672010052814a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 07:57:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP%2FBAXzg6Z38QRnev77YKTZMdnBV8K6i9Xh33xjow1J%2BtKvnfFOp8EcdInJ5qrtDgScVJibolTDnM7NuklUerZNjnp53KXlFur5vV8EcevJsBbGnQ%2Fas6F%2BbYjAphqmcPHDq%2B2S%2BjvDfcF%2FjjsUH"}],"group":"cf-nel","max_age":604800}
content-type: image/x-png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 847549543ed536be-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2515

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 535ms
137ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7431894e020842c4137aed86061bd392bf22a9bb9b950402892f7501ce4c8909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51136
x-xss-protection: 0
server: cafe
etag: 8679033045681047913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:19 GMT

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 435ms
91ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: http://kozow.com.getstat.site/
Origin: http://kozow.com.getstat.site
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10764037
x-cache: HIT, HIT
content-length: 24606
x-served-by: cache-lga21954-LGA, cache-yyz4544-YYZ
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705564640.855866,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 94, 19810

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 94ms
94ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kozow.com.getstat.site/
Origin: http://kozow.com.getstat.site
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 07:57:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 26104422
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
x-served-by: cache-fra-eddf8230067-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
52 KB 530ms
146ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZRNJLJ

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd765e7be903cee691b2b144b95959767e316c7ba0d578073ca52094b930082b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52401
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 07:57:19 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 kozow.com.webp
img.getstat.site/291075527/ 44 B
378 B 521ms
504ms Image
image/webp 2606:4700:3030::ac43:d611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.getstat.site/291075527/kozow.com.webp
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b44d9e10308a9bd487f53c8464c5fd782b5305830e6197ba288a35b49447f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:20 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jan 2024 07:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UO7deqe%2FdKvSmwZseW%2FNY86hylARIPOJ7cOIiruzZ%2BYH8VqgSsGL1eObf5EWEYyNur3aufc46AxTtCOkW6E9hUv8KRfZtWZfPx1R2Q27i046iLsyN1GkHWrcI4GXlYue6SB%2B1PQn0Rvg09DHC6es"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
cf-ray: 847549585a5336be-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ 402 KB
136 KB 181ms
180ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46354e83d1f6b5f3577f3e8f258afe345de3546f07017460d450aa668eb21692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139481
x-xss-protection: 0
server: cafe
etag: 13091471656818931065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/ Frame FB1F 9 KB
4 KB 500ms
111ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 60536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 15:08:24 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 15:08:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 515ms
132ms Script
text/javascript 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZRNJLJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Jan 2024 07:01:52 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3328
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Jan 2024 09:01:52 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49EF 48 KB
18 KB 366ms
259ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfc0fcac80084fcc9ee9e62cd96e4d419c3428838d4543e07240d8937dd3271f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:20 GMT
expires: Thu, 18 Jan 2024 07:57:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 586F 48 KB
18 KB 421ms
325ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9086a123cccfa3b8f3ef391cc8966335fef5b058facc2260ab372c4eda0e1b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18635
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:20 GMT
expires: Thu, 18 Jan 2024 07:57:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 547D 48 KB
18 KB 370ms
280ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4737925386b05195b3d67c66857d5a5ae442f5fd158f08eea12d8fd67b992e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18605
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:20 GMT
expires: Thu, 18 Jan 2024 07:57:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81F7 720 B
580 B 335ms
250ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=7804916091&adk=66440164&adf=1525029410&pi=t.ma~as.7804916091&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640139&bpp=1&bdt=1148&idt=319&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=2075&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=321

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8e7c2effb0e046210c0c3d4b97653ef111a981b4c750f0398203308092f6a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:20 GMT
expires: Thu, 18 Jan 2024 07:57:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A04 289 KB
38 KB 727ms
654ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&adk=1812271804&adf=3025194257&lmt=1705564640&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fkozow.com.getstat.site%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1705564640154&bpp=1&bdt=1163&idt=308&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280%2C730x280%2C1110x280&nras=1&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=318

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3dd17c42b9fa7d2430f3074cfe688e20c132ea589cb8217758290457a0b9af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:21 GMT
expires: Thu, 18 Jan 2024 07:57:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 126ms
125ms XHR
text/plain 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=356220525&t=pageview&_s=1&dl=http%3A%2F%2Fkozow.com.getstat.site%2F&ul=en-us&de=UTF-8&dt=%E2%96%B7%20%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgEABAAAAACAAI~&jid=1232888004&gjid=1054623362&cid=1280169661.1705564640&tid=UA-186866562-1&_gid=1451235052.1705564641&_slc=1&gtm=45He41a0n815ZRNJLJ&gcd=11l1l1l1l1&dma=0&z=1120249693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a05debfbeaa4f876734a1ae2b02a31901467e93bcc6f961a460f62d2cfc9bb60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://kozow.com.getstat.site/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 07:57:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://kozow.com.getstat.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 650ms
239ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-186866562-1&cid=1280169661.1705564640&jid=1232888004&gjid=1054623362&_gid=1451235052.1705564641&_u=YChAgEABAAAAAGAAI~&z=1410122567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kozow.com.getstat.site/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 Jan 2024 07:57:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://kozow.com.getstat.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 49EF 108 KB
39 KB 550ms
204ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjpwMSO87yBTbSC7imeDF7Tv8DV4jK93DvgJBWuNyT5wtkJeUdSGf6V7oLKHR1pS4ZTby4lp3pPVhKSQ2MIBob2JBdNeqtLNFo%2FKHJMnTa8v7F%2BqBXLnrA%2BOK4mtK2Rj0qnqrgvAqrB8ICNMG3Kk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 8475495fdbfd36a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 49EF 13 KB
4 KB 476ms
125ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDIT%2BoxqpB7XAwaPi22o4uhmvzUVRaDZjGwF6gR3%2BWZeJDMv4YT9J1pniWZtJAMkjt%2FkV%2B2E3%2Fznuh7I6QPyqA%2FyiLuY2Sv668rrY6CQisu5c0qGljdQOyDx1ZaMjoMsy05jXDUKTMW8dY7jeY4I"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475495fdef3711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 49EF 3 KB
1 KB 579ms
191ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 49EF 20 KB
8 KB 582ms
188ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49EF 206 KB
66 KB 538ms
140ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 547D 108 KB
39 KB 566ms
255ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGBhbsA09h2N8JvVdN0Ca0qcLxtGZsyupfzaHeCISbGvcc%2BOCpbJBT7Nbx%2FQgdq2bMSM1705hV7Vmr%2FpXIISvD6g3qPTlTXyV7H6JMXXh2QcdTv6wA5g5XMufZYZdR82MzQleqZ4pnbG90AqKQFg"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 8475495fdc0036a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 547D 13 KB
3 KB 442ms
126ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9QWAI0TBEVKgfwkNTkvkRhw%2B%2BkFxPfT1T61ca%2F%2BveaThrkMWu1xrdJBXF%2FLbAMGAdC4IMMWaaVcPcFs5hbUbfw4UV%2Bz5KW%2FmpUTfkgrat4X%2FIC%2BHEp9HTuqXVzJGbnh%2BUcb7ZrqYnDqlzhhS3ov"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475495fdef4711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 547D 3 KB
1 KB 552ms
194ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 547D 20 KB
9 KB 492ms
134ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 547D 206 KB
65 KB 673ms
312ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 586F 108 KB
40 KB 431ms
135ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpsFhwTAlpf%2BOs0zvgh3x9ZnhSs7ItidmJPKM5nNYbuO83%2B%2Fan6BkxlDipIjivsEwUQkmJb6E9Rlqi4Rkm11akohKhQFoOPRdtRjv5BkO3ZvKWaN3RclkUcUJzggakvVsC%2Fbx8uJTl7ushSV41PO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 8475495fdbff36a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 586F 13 KB
3 KB 428ms
129ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rthwLkgoCAPsh09AfmzShsU7sCWufXdoocSXxYt7zHGc4B6MiDzeXjOTOgJPQSLAib%2BffaFy%2Fn0wT%2FsXDfPmlrpVpqYtVvSolkFJrpB5bTQgcw6pRrYKxVvib1U6c%2FNa5FZYcTmjPl15RzaY1EFf"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475495fdef5711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 586F 3 KB
1 KB 538ms
195ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 586F 20 KB
8 KB 482ms
139ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 586F 206 KB
65 KB 603ms
257ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 128ms
127ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1N550D2FWN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4d5f38e4d69b341b5e2540a60d6e3948a92ed23487d9a49fb79514a3c25a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83419
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 07:57:20 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 118ms
117ms Ping
text/plain 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1N550D2FWN&gtm=45je41a0v9133857585&_p=1705564639506&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1280169661.1705564640&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fkozow.com.getstat.site%2F&dt=%E2%96%B7%20%3A&sid=1705564641&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1N550D2FWN&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 07:57:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://kozow.com.getstat.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ 162 KB
55 KB 132ms
132ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

457010f73ee97390dea24ec81101becd2965b38e7e5aa6135f1888347bd185a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56400
x-xss-protection: 0
server: cafe
etag: 3092986013747602667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
DATA 200
OK truncated
/ Frame 547D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39a1b61874ba52e465d4953bdd1f2ea9f6735a823a51ca2628c00c2ee8114b64

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 49EF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fec0b545f7dac7692fc23cfc896b47c235dea4d7931bbf3d7378f6b7e65f4143

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 586F 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d4f444da09f112d289a39e7050f2e9c61103801993fc384c3618a30e577ec3c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame 489A 9 KB
4 KB 113ms
112ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 15:23:25 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 15:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame 399D 9 KB
4 KB 127ms
126ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 15:23:25 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 15:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame F612 9 KB
4 KB 126ms
125ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 15:23:25 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 15:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame EF2D 9 KB
4 KB 125ms
124ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 15:23:25 GMT
etag: 9219409622527106327
expires: Wed, 31 Jan 2024 15:23:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 49EF 0
362 B 134ms
133ms Image
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CALW44NmoZYmsJcWdxAOyoZSQCNKRto1tudCuypYPwI23ARABIABgfYIBF2NhLXB1Yi0wNDAxNjczNDYxMTYzNTI2yAEJqAMByAMCqgTyAU_QFfeLMnsKQx6zN7jmTTon18bz_Qe0_xRAYcWm6337qhVwYumSYDQca3NHtVc-NjNsaMOYSyd4d1a59nkHk8Yf4RQqjVfl3deHtRsW7lZpOFGfXXdkj3A7GtD3MaCn7hWkckSwkMwG0I8F94S_LQI546DcmqGZSs_Elfba2RgtlVly5sWXBDerb7G95-WwC9RaKpdUxOTmIBdA_SIEB4ZeFVZSy9pRJHShq_Zmf5Yz18joqn5ijjkKJEk0A87qbyrCo0rtIR1CqxUBU4v6UUjk4ecAMe8Zheno7efPQm5fivFoOd-CG7uXMGl-8f85pyvxgAbN2KOqnPjK5lSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrP6ttLvmgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDQwMTY3MzQ2MTE2MzUyNhgA&sigh=ZC9QjVv3u8I&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_LCNs8j-u_Yn00i6qcjwZXJRmJPYGl8JtX3_0CWot8jPrjrpuG8_NsR7DCWVWL85uJwQQb8WshQZAUnUzAA5_MJjhChSUwNj4x1YYAQ&cbvp=2&vis=1

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 07:57:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 49EF 0
938 B 176ms
165ms Image
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=3502afb2-b5d7-11ee-9925-826053313b2d&d=kozow.com.getstat.site&cr=ext_ng_start_prot12__0&a=imp&p=ZajZ4AAJVgkKcQ7FAAUQsqLcm4Ivool118LvEA&im=vfpya5EP-qhKcyh8CHNPo0sHINABx8sFOgefHRVpCa_ynGjhmNxdmqO1Fpy8BF1pycx1TbhMY7BZxdDDPgALP2ZIDN0_gD7Al-Mu6Hih050jWFT7a8VTbjrIVDOpFT5bDyKoErT-CQqTxoVz4xCkX1ElIC569wNI3pQhb-iN95hgjoWVvKczOEzbgoofsKEv8ixsI2OzkLck0d5_L-7-SgvmwP_28R18l8Cuy18WF1ZBk1jeA-3YSXkn7udLlcsD4hyrpj8xft9eDkhcLLA3hrEnKi3ckA_dmnI0518jjzvw1eXF0wjJn9bF-bD0BOZex9oUs2XMaUgq3XTWpWEwBQ1dXA5HbIM3I_FPn-tUQ6Y&cbvp=2
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQO1jlaBxlXIxgTMR1b5qMoMKO4wNZDJLVgeaL01%2BXwIlJrw4oDNyUzELjbQwjrAgNIt2hKoV11AWcgDXsKd00E32DSSrSHrF0jQE3%2BdcP8%2FbounoyuVpXyfQGEH6BCJdqWtVqrQUK%2Fxx6jmEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84754962c969711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 49EF 60 KB
61 KB 96ms
95ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPp9LAoYTDIWoINt0YbMAQuZ7FYYo-cL6Zd5Ekuo0WcxsqsofuGGbsoqBVUwMogF_1PfDDXRe8GT2yAHMMblN38ACcaHUhFF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzGYjeAOeqG5nCnvOuJVgktBPJ8HZk13vt0syceJ5i1j660pEo514eI3NGrG0aWELv4LjlHXqlmodGhBBX3iJvLzlwdg8AxcRyWCCEiQl%2FVNXmNr7HNBoGeqeIaJFSioj9yY%2Faphhina%2FGFwVYsC"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 84754962ce0636a8-YYZ
expires: Thu, 18 Jan 2024 08:23:04 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 49EF 60 KB
61 KB 110ms
110ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=4750257789&adk=1430974026&adf=854766408&pi=t.ma~as.4750257789&w=1110&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=1110x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640134&bpp=4&bdt=1143&idt=285&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&correlator=7244106472690&frm=20&pv=2&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8gwPMVZQzlqnmNItdHqaJYG6YKfN%2FLCm61R6s0UE6l5MoQ7YhsO4cUOAclE4UsvMg9UReQKxLANgBYKqkd0qiBzcOIj6M77OLlArWpkLZmyNSYaY3kMBwYj5RQGc%2FPm34huZmVyX2a8srLlDTl8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 84754962ce0836a8-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 586F 0
288 B 186ms
186ms Image
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK_U74NmoZZq1JeKgoPMPxo-8kALSkbaNbbnQrsqWD8CNtwEQASAAYH2CARdjYS1wdWItMDQwMTY3MzQ2MTE2MzUyNsgBCagDAcgDAqoE8QFP0GFsd_D4a64RmlhZLNRcIPDcYYxyzJkdy0BnMxh52G3EGRiQiXhSPXi4LCWO7-xsrquSa9MOImjAODHoA4xFlhkq3jNGr5ajuHD6xqiWvlLBBGTl0sIv0cnVjCL0uA0AJ2zuJVAxHtUFDO0XnRDVyPcr2u5DIHsV-13mj97rwCLD_6DSLEiyFbR5g05pqkoZ0N4R4k6he62WzhUx7Ay2aevf98dQdufwBXSFzOgAWmwn_F8r-u1UXJTSdRyp_CE5wwymNr2SAsifsX49JWhmA0UQwf4db7mOZIl6PcsLpT-2g3xC3geOVO9YIx7w8saLgAbN2KOqnPjK5lSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2IeutLvmgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDQwMTY3MzQ2MTE2MzUyNhgA&sigh=Rxsz7yBo9Vo&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_YxgNiyy3jSwOWlrvptpT46Io9x1BFxk2ugF8pxW6h8eDikABovOpptId5brlaJkQMHrQZ784rga2lcundsjP-hfMwAx7g7fG5uIYAQ&cbvp=2&vis=1

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 07:57:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 586F 0
623 B 146ms
146ms Image
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=3504999b-b5d7-11ee-af03-ba99962b5fd5&d=kozow.com.getstat.site&cr=ext_ng_start_prot12__0&a=imp&p=ZajZ4AAJWpoIaBBiAA8Hxtg14pFB1JKAufR0qg&im=QTQCn4scVHDWtJ9FXUbEHg98bU4xhA82yPr352n2ibtpDjp9vhVwxqCmSjnghFlvZAat50nWSLmpCdg-MeLwBP9w9TuJESAzOzntWPUveb2jFnNPP2qpTCqGbFmWtaeA13VllkqOt1cqSDXCI4xAom_IM1bP0dQ1pW-6UMzEpTumxZsLyOHFiRmoiWI-KbqvJOHmxUItPp21RePVZGGUeHDiztZbR5T4qbnWQko3RKB7RG_dd19u1pAwxbduOCnsFyW5aF4Gpu0aAp8Ki-oEmCyPEYEHQbUDAFeu08vx1IRnpIT8xJKij9cqzNzEcg9WdAN3XlUd02ZuSyOU3pNloR_ImH9u2YV5qO1-BRDqFIc&cbvp=2
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOIYHbVMjuK0Uiutd0tQx9%2Bj185078EBfb7fSOztcyG3hY2wGN6%2ByTjzO9E%2BYrDvkFO1vzlPpekXS2tUFvDATGDhN5VTVTD2vGEQzd622mfeteOa2fQDbCw6wF4ncp9x4sxl7ItFn2l3IGbI2w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8475496319a7711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 49EF 0
1 KB 199ms
198ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gkNUQy%2FCcUlxWy6LZQj7Ry4AOhi0aktRj19wP4nbJwuvjDCbC9paYcaiCABqmOq98%2FrbNEtvXCICeWPbLpZyiNx6qbAnAoeLHxPwjD3GTf6nmyAqVZUMs%2BM%2BoMCrcKLlzKyvJOuUpNnROoIlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8475496379fd711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 586F 60 KB
61 KB 104ms
103ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPp9LAoYTDIWoINt0YbMAQuZ7FYYo-cL6Zd5Ekuo0WcxsqsofuGGbsoqBVUwMogF_1PfDDXRe8GT2yAHMMblN38ACcaHUhFF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAeUz2CREYtReOHNTVJVM3%2BvHpTcLimaAnZvheWhBGT%2BFeemRUbxXKGcsTVHQValDSMUgaXqwxpNCkHwoHNVc0Z6TeSht8UpOLtFf5A0RZIosy0mjF40ClWSc%2FqBzkLWtsqDrMq8160QIBKCMtD4"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 847549630e3e36a8-YYZ
expires: Thu, 18 Jan 2024 08:23:04 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 586F 60 KB
61 KB 115ms
115ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8790694706&adk=914056339&adf=2369281301&pi=t.ma~as.8790694706&w=350&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=350x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=309&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=245&ady=458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAP0LK0N0KhUkiOnv594kfep2OcdaYdlg4nQhWWwQh5ejLa5%2FgM5Bl84KDQPXNMAbGDDIlbrnuPFlIGxtl8aaCkGJL%2BmY0XtesQiK8Fu7qs8LzXCBXoqcsgO9dwbEgT2oM8Tf81%2B%2BUPooIOvhrjU"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 847549631e4636a8-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 547D 0
286 B 169ms
168ms Image
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkrRy4NmoZeCvJc-JoPMPtaGdiALSkbaNbbnQrsqWD8CNtwEQASAAYH2CARdjYS1wdWItMDQwMTY3MzQ2MTE2MzUyNsgBCagDAcgDAqoE9wFP0DIyHB5v4rOL5-nE8SuZfLWmSIw2lV6xFZ22aZkCVQWZMWTqkduyLlN7PD-usFgKg7PE-OAdVbgDSDQD-BB4l2IeNyDEv5abprys9VuE1HrSrbO_LDoRAvVtFP0zgxB_VxEli_MrpJpVmpy3yX2dlUh1AsVX-bMTe7b0FlT4BTSpxYoDkqlXN312-Z_YW2r9A_VEf-mAqyb5Q8GyaWbMePuUI2a7ttCKUmAQ1tz1YOS-IAKJGFyizOqMqH-9Uzo-twWCW1lU4xMUA2BTWi6KOELi97jcl34xwK-y9hIrDauSw7VQsewY9e3xZpLOD48rDxN5X9ssgAbN2KOqnPjK5lSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzYSutLvmgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDQwMTY3MzQ2MTE2MzUyNhgA&sigh=dfAD30J96p8&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_PUfKfeOTJYHnXGhvIln6PnnR4eDXKj0MPX0y76w5BauGBhxmAnI11tV_JoekqwnLEFHlBDFtRuFaJ-7VFJiWty1TciYGyVwLSxgB&cbvp=2&vis=1

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 07:57:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 547D 0
691 B 135ms
135ms Image
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=3502d115-b5d7-11ee-9925-826053313b2d&d=kozow.com.getstat.site&cr=ext_ng_start_prot12__0&a=imp&p=ZajZ4AAJV-AIaATPAAdQteAZo17QYUCq5myMsg&im=Niw8Bz3amOJZySEbGzrqHKs1ttGPz3nNsjEj6s-llDWoCHscLbnC55hvSAOkksA_tO6tpYzL5LW1s78Pc3AJcqAQG-wvTP5fdP1mtrMmMnVBQ6Nty5H4f2wB7Q6EkhjR9BLcCq0KGsOPFkmzirkN88OmVp_NTrsjHIMmlJqMkc6_rT4kFH8B3d9bfEOjtwjFhqx5l9LK-R0NkgrRzBrw4AlNYdZXWGdJIJdQOErhcigiIvWDJUgR48HtGpmmobbJVUEsoFGhx5L83Tug9SuTRvk3xwIYnvEVDN-6CDunIN7Rdu6WG2R0IUHZmho66IatcWUHmHhbZ9OV2bGxwMeEeJpD0j6PMvhivJIL_Efm5JI&cbvp=2
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRvxFSRQlelbb%2BokXNmCEIQCLLxjLSjztrkkex3%2BgrQsI1OHF%2F3PWxrYnY5HnkUVyIgxg%2BXgHHnfxtFALdpgA1IGR78xfad5qXTPleLezoMelIgKujEQht%2BbH%2FyyNb3SFJvG7IwjoJR4KuBzWg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8475496329b2711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 489A 4 KB
1 KB 591ms
143ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 07:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 06:16:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 07:57:22 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 489A 16 KB
7 KB 114ms
112ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:18:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/ Frame 489A 22 KB
9 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:18:13 GMT

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 547D 60 KB
61 KB 94ms
93ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPp9LAoYTDIWoINt0YbMAQuZ7FYYo-cL6Zd5Ekuo0WcxsqsofuGGbsoqBVUwMogF_1PfDDXRe8GT2yAHMMblN38ACcaHUhFF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYcUMKR2tO8zjAhvCNvKRCCjPMi8d4lqKEGVXndMzJnjlM25TTghE4URSZ9xkssYVAXhWNMwLXY6Ygwm6VvVbkjeluGmIG3OSdotXbx7Ykp5MksfayFthVdbkMdY9yRwOLj0g9rS58q2eRXHwyc6"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 847549634e5b36a8-YYZ
expires: Thu, 18 Jan 2024 08:23:04 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 547D 60 KB
61 KB 106ms
105ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1705564640&rafmt=1&format=730x280&url=http%3A%2F%2Fkozow.com.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1705564640138&bpp=1&bdt=1148&idt=314&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=7244106472690&frm=20&pv=1&ga_vid=1280169661.1705564640&ga_sid=1705564640&ga_hid=356220525&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079265%2C31080443%2C95321958%2C95320892%2C95321626%2C95322164&oid=2&pvsid=2748493985392870&tmod=459523443&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxjoaZIC99LESzmLHnOIx6oUG4dxNF86kZi1up8E6OBtWn0W4sUcliZgWiCRG6Hr6rLfPuVU3%2BEhKu7xUz5br6O0ckdxoYCPxapHmmTrH1WLu6xIl18KNzgmEySTiW4CJLBLdIiS37V0HokMPfXM"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 847549635e6436a8-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 399D 108 KB
40 KB 102ms
100ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihroI2ArenZQfL9DFD6BaGHFW%2BWu6jI%2BzxFz%2FO9%2FHXZ11GRsDWPKixFkZizGhaHMRPEcofudgqqzpij%2BI4VOJcOhNpzOLQagi1%2FIIJfUZ8GJptjDc%2BdLxth3BnjwUjaAyRKrwo6AAVtt2vB0ifRW"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 847549636e7736a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 399D 13 KB
4 KB 98ms
96ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIxTLnZAyXa%2FosZS7S4Mhg5u55xAw%2BOnz5Pf%2BXc0aVZadbHkdGjq2TZEehcrAh1hb3Q62OO44ix5mkno3X1gKG3s6oenzhvxnIgjByBpQdDC90PkOX8yqluAtXK0eCXEWeelaSebEHaMfmhG5fiy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475496369f6711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 399D 3 KB
1 KB 115ms
114ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame 399D 20 KB
8 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 399D 206 KB
65 KB 117ms
117ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame F612 108 KB
39 KB 104ms
103ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FLyMKPjVhoMDE5ASXJKTKLe4ctfZwfZRlOE7YScX%2FxHqfkF6or2LXjT29f7tIColX9%2BWD5nDhnVnVLvJEHDdEtZN9tBFq9eGqVlHNKL%2BNN%2FsbHDT1cyQxy%2BStmFVmQBZevJfIHKE%2FThMLQJELjT"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 847549637e7f36a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame F612 13 KB
3 KB 100ms
99ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1fvBiliYTWwiJQm5Eo5zFX6GOqmVeXgja%2FoGtirMSx7FZ6ePupG1V58Ff37uzrRKXXPvfG9xiAZ%2B%2FomMgH9emPMqf28EhujXpW4bDbzakNXWVEgsLPDOvQk51sRWGZyrfYH63WM494l0XKL3LzT"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475496379fa711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame F612 3 KB
1 KB 134ms
132ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame F612 20 KB
8 KB 139ms
137ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F612 206 KB
65 KB 151ms
149ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

GET
H2 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame EF2D 108 KB
39 KB 109ms
107ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428
x-guploader-uploadid: ABPtcPqjbDse1IED0iMHZ0wtcaGAVdkymqB6MYx1njDeJKzNEeQNcvRar43tBMV_GyzMIr6nvxJj4OrT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbjq9kewzUcKaD9ScH3d9F7PQesHwBYiOaeYgKaQ5o86mavLMBb9wZZ8dP4NLvKLhlHt0by9V2EiKz6eYzs1aO%2B0rZ15jAamzw3dn3TL5Ux50Bf%2ByNAg1utKqLxjTip%2FUBSqKtNF%2B%2Fve9yxDaFwF"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 847549638e8e36a8-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H2 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame EF2D 13 KB
3 KB 142ms
141ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ofm7kuD8fA5%2FPk25nA0oB5AAVXvKnsaAB3xhP9SFlNH8IIr4XpmYCcvFFVXBavh2ZqQA8NTCirf4RaMixA3JzxfrAEXCphlr9ErU7xvqmbLPg1gyokhiK0oK%2B0smKupoy8%2Fub6DqVFVjbG53sdv"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 84754963ca4d711d-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EF2D 3 KB
1 KB 132ms
131ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EF2D 20 KB
8 KB 128ms
128ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF2D 206 KB
65 KB 129ms
128ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:21 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 586F 0
600 B 244ms
243ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNEEoyvYxm74ZOHJkMoOoDwG4LE0DmYxwJ%2BXJspUuRt0shOBNC9OdaupeJsxZQCOHIlW6dEwhwjIkeZI5E7c0QNeWWNoHiCMigqXDK0aYfc09641rPlnGzqrQGkIBSUlnB05kyY%2FeAAyaCrnLA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84754963ca51711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 547D 0
503 B 216ms
215ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP%2B3NpDqWpMtr22hAIvEwHqhS1L%2BuivFwCa5I%2Fp3cekBaHMo1svYaC4d1y%2F9P1pjVKDOU7kyxb8QD5R2NEuAW4tkfXkdCwKS%2BoC%2BE%2BJIwUwEGz6l90WngOrPA2pXM8eHf4rOAs44yD16hdtgaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84754963fa79711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
DATA 200
OK truncated
/ Frame EF2D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 373ae99829f03abae87b0ddd967c793ee99cd1ec1967144956a3b0ec86770b4b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF2D 0
19 B 136ms
135ms Image
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJzCh4NmoZYXKJfjNoPMP1fGr0AzSkbaNbbnQrsqWD8CNtwEQASAAYH2CARdjYS1wdWItMDQwMTY3MzQ2MTE2MzUyNsgBCagDAcgDAqoE8gFP0Po8Hqxbl1ZvKtfwb2hpwencTH3VEKa47hDEjfttnLEv69BehZvVa6hcJN5p-kfC14DoaAXx4g9mIdjoHWwMsyKQLf0mRpW8p1WbUTvrx-7V6pF55SIlfdzkCUDz5hqPAZIYkQKXJJjSnoMV6YNkvqXa9vtW1B5UQsBWJPqvE9lMR7J7GaX0gI6v_ngGFj1TedxY-eKZSwwVLoUlM3IZluW_tZA7Vm_0c8STexyMYzAYvxZBVgByUPwDhEbzcFce2CJPIeFL3so2py9hu8xmELNlGaRNig5Zw7RJtSkl6v8cWIldz3hgm_4KlxdPF3Vz34AG3YfVy77-ueUJoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNmXrrS75oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA0MDE2NzM0NjExNjM1MjYYAA&sigh=dFOdQ7ER3LA&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_cMFNJGoviH0OQ9AgQYjbSo6g5Dq-FFe_3vyp6gbvMzyp9lUbbbpAQnW8c9XoWBoWIn8kdGFBcxGWhy91WBzU691HK4fa5V1g1CwYAQ&cbvp=2&vis=1

Requested by

Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 18 Jan 2024 07:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame EF2D 0
443 B 136ms
135ms Image
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=3506b839-b5d7-11ee-8d3a-ba82690f69fc&d=kozow.com.getstat.site&cr=ext_ng_start_prot12&a=imp&p=ZajZ4AAJZQUIaCb4AAr41UWr9Q9xLgFyq5PsLA&im=CHeHfDAr06WdhTcdfnJGEEwjf0lyzk7ig_KzxLSMbNipkj3GmwxNZ-afPrOXwUw-v56YlvJtlc3Em8OvuECO8y38XtMpuupbHMycLSvT6aeqEv7WytaUyAHKrWynywExgT9ez4OOv3848Xu8anQ43jbizPuT4lqoOAkGfIXDgi1t4or411NM_kB2uHeN4hGnoiER2AiUJvvfQF4pEXn9SBeIXOZR0ugZiYCJoMvdBUFPqQ5BkKkZ-oEvmjXA_whA09kvD8CBZRwIRzbMMkMi7WbUQD4-tqqYlaLv1LmbsHlc28stroYDDiE9Ls0mrPzY&cbvp=2
Requested by: Host: kozow.com.getstat.site
URL: http://kozow.com.getstat.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH40Y91LcAtPU6g2WKx57J60W1lqbuVeVMSlcwET95rwwF4LFOzh%2FA1uzPFXxGpbWQYAN0oRPk92qwUmA8%2BjhOfpZId4dhpV25ztEDLQJJJFkRCGLd3%2Fs4EKVqThyesuG814R5PRvOCdAS0n%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847549652b45711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame EF2D 60 KB
61 KB 107ms
106ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
x-guploader-uploadid: ABPtcPp9LAoYTDIWoINt0YbMAQuZ7FYYo-cL6Zd5Ekuo0WcxsqsofuGGbsoqBVUwMogF_1PfDDXRe8GT2yAHMMblN38ACcaHUhFF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a7Tb6lOe7cVIfdvfSx6z00slHYJW5RVqW%2Fq9gaav9cfJm%2Bp7G5QdhAu00v0I%2B%2B%2BpyEoxPdGaoONMoP4SMT%2BYiHDhuMb5ArrIAfyIoY4KzHXFCLT6CFxf%2FcpRFprbNne%2BBOJe08yA6PpkwE67kIz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 847549652f7b36a8-YYZ
expires: Thu, 18 Jan 2024 08:23:04 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame EF2D 60 KB
61 KB 102ms
102ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovaDe6svdMJO3m7u9M1xfiprg52blLy3HpVKOvy%2FicPbQ4bWmv6Jk06HdVUwKO3OTHyKcuzXbv4i%2Bcc9pH4TX098XDH58YhN1IU2QyZ6sCTTRHWBOAvVq5%2BbO2pl1gKiWLz4y1zVeyn0xg693b1C"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 847549652f7e36a8-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 399D 60 KB
61 KB 103ms
102ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
x-guploader-uploadid: ABPtcPp9LAoYTDIWoINt0YbMAQuZ7FYYo-cL6Zd5Ekuo0WcxsqsofuGGbsoqBVUwMogF_1PfDDXRe8GT2yAHMMblN38ACcaHUhFF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3etPBAH4cUXnbqK1QmSJQBZ5fjj8BU0av21yXp1Q%2FHfzIpW%2Bq1RsBhhzmZa8xF%2FCfvFll3rk%2Fmpn1Y3dINigM1gZTwpE7eyjrc4UjPkr%2FxGPQ%2F6NJNECObbiwZe6KXmg3vMD3iTUuDc%2FKUcLjgsn"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 847549654f8e36a8-YYZ
expires: Thu, 18 Jan 2024 08:23:04 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 399D 60 KB
61 KB 98ms
97ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BlO%2FE%2BoR8XZQzH3K%2BM6fyVHKvmO8dpuPMyGUr90ln7SxmDEUlvRQn9HRS8ooHFMqQMA7W6altr%2B5Ahpzc4EPJ1w7T5GOZ2eQ0bdNm%2BlegwIQfiyhk85Ne3RlmYv8ICph87t4q%2BecUtM3tiN%2B%2F40"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 847549654f9036a8-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

GET
H3 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame F612 60 KB
61 KB 201ms
200ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-guploader-uploadid: ABPtcPqEb-U06j9m8W9W7k3hPS63UjnCFPwROgz8haOE_IsWz95TibJuKf749TyJxyQRmFWiSKnp1HsttRL74-xjYPQMsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw2rdJ7SSg8tNKri7B2ZNhJFAhihba%2BrGunHVmSnU2S4aVxs7tiOdhZQxRoNVEbHd6AXAZGVaIMQmfhe91Eg3YNCvMf13fHxTc1B0oM8RXj5CWOoiw%2BLKscIq63%2Bh6uA5jUMpUZTCmoHzpsteKHS"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 84754965aef739ff-YYZ
expires: Thu, 18 Jan 2024 08:26:00 GMT

GET
H3 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame F612 60 KB
61 KB 105ms
105ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UuH540zmka2rXiAQKeyvXX8RVuiwx06wxKDcCIwYbnr4UKEZ6Q7lusAm7LmwuC315k7dG3mPSfqCisEp8XYE9iTWkC61XatGwZpwiyQwxJ8SNstmEnWUqLR%2BQsOAQ7z9e2kJxrhH5Do40j7Eab2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 84754965aef939ff-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame EF2D 0
357 B 152ms
151ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN%2FjKdzi9VY4tMPO6YsTXRHup9x8mYQVFb1grZ6IIXdwGIlgYi03WWXjsP%2BkfL2U1LiKcNuMiUTTZRRsNJAIUsBmoRT7Nk%2BUh2dW8H8fsnfR1D4V1GxOGP0%2FXnEV2StFriLWpvp8FI4%2FpHg%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84754965dc00711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 399D 0
878 B 146ms
146ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXQtsaI9eoMbY7ydQGtJsSpovHftnu0RRzGFzvLX2Y0Jti%2Fzg8P93SnNJEogGcTXaSGATz%2FcX3laBx55gy1vy%2F4RLaUxAo%2BQw1fFFxh%2FJLIObQlDcnzaMsV8hBptDXUPhiIGURkCZc%2FCvyC0HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84754965dbf2711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame F612 0
421 B 141ms
141ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM4fnaR3iLftUw1W9NvbRRhlvhdYTXKavKB9odV1%2FJZW6zE4KXcLHVBGI%2BXNltZp2koktuuyy2N96yVKRuu%2FiK1n1yDMoUDWVDCxaFY5GM98eWcjuJ%2FV%2FCZe29jSbL3xqIkdGMgI%2FHOC0uFykw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 847549663c9e711d-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 index-7f04b3f0.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame EFA1 108 KB
40 KB 225ms
224ms Script
application/javascript 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780
x-guploader-uploadid: ABPtcPrVrKq_-nHgol8FgEff3ZuSruqaJirLvKQ4emp68yku1_FycerLeQfmNz9dGRat24ATycv2PmNR
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jan 2024 21:22:44 GMT
server: cloudflare
etag: W/"a65ec34302bdbbea7e0a8466df469eb7"
vary: Accept-Encoding
x-goog-generation: 1705440164863448
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=K9LBzg==, md5=pl7DQwK9u+p+CoRm30aetw==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84%2F29wCa5%2Fg%2FKTLpS0cwY9zSu58uQgFYje8hE7n40x1J%2BxZArLZyBADv6Q9vhTGaQZirOWB5W5tn8ZvIhbVAZYaDaEwdN5o0c%2FKZNpesxJc4FmSd40ZpknEysTdxXgZ4dzUR9crw0fSDb4rHGutL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 110316
cf-ray: 84754967180a39ff-YYZ
expires: Thu, 18 Jan 2024 08:29:27 GMT

GET
H3 200 index-50e90fe1.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame EFA1 13 KB
4 KB 100ms
99ms Stylesheet
text/css 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-50e90fe1.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 780
x-guploader-uploadid: ABPtcPpB2pp3xYOI1dbMVQbE_c3g387FPO4mGjKU1FdN0PfV2iRICAPQxFcX28_QclpGo2Vc5ISl5UMjuQfyrrc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jan 2024 13:44:43 GMT
server: cloudflare
etag: W/"f4952cc222421b2e9705e4ccaee91f11"
vary: Accept-Encoding
x-goog-hash: crc32c=9g2KQA==, md5=9JUswiJCGy6XBeTMrukfEQ==
x-goog-generation: 1705326283679054
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyP5tGinXbeTAmg6NaW%2FhWm%2BaJ92ZlTLDdo9KemkHFlGzZ0m0njwoIbvi2jZ3KzcgUMxuhzUisW2NMYFZ1BI%2F4NDFOuFn68FvlSfmHO2lsNOXjkapS9hd2h2KxR8v10lqtWmJDZl9mQFX8C5lFVx"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12830
cf-ray: 8475496718a33703-YYZ
expires: Thu, 18 Jan 2024 08:44:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EFA1 3 KB
1 KB 118ms
117ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 17:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:19:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/ Frame EFA1 20 KB
8 KB 115ms
115ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240117/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 16:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:28:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFA1 206 KB
65 KB 147ms
146ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 07:57:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 552ms
135ms XHR
application/json 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240116&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68edf98ade838a27f6ca64af76c084aeef1f8c2deff1939a8bc23d08f4fead18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12298
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49EF 42 B
64 B 545ms
131ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCa6qeaeVMMkxQpBZd5bNEbfJN3ygcpFwYLScepLtxNUvej1Rgx4kiC8uaN5Oq8faMTXoK5CrOgttxx8Pid7Vz0UzykCOVtIg-9cPEF7RbTtnPXvzosDCm&sig=Cg0ArKJSzLTrADHeaTnCEAE&id=lidar2&mcvt=1004&p=0,0,280,1110&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1430974026&rs=2&la=1&cr=0&vs=4&r=v&rst=1705564640438&rpt=1231&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 07:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 586F 42 B
64 B 506ms
132ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcch2VHZL3ukY2rcuvFwJrmAwS2Toi5sthtsNoOImcZiW1QLZju0QsttJXQNPS3SJxvvLP9zHjR_to4Sv2z_AWc38M4SsgERVHyCoN-ESansNn2bRnG23s&sig=Cg0ArKJSzHXjXV1QWhxQEAE&id=lidar2&mcvt=1000&p=0,0,280,350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=914056339&rs=2&la=0&cr=0&vs=4&r=v&rst=1705564640451&rpt=1275&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 07:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame EFA1 60 KB
61 KB 100ms
99ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-guploader-uploadid: ABPtcPqEb-U06j9m8W9W7k3hPS63UjnCFPwROgz8haOE_IsWz95TibJuKf749TyJxyQRmFWiSKnp1HsttRL74-xjYPQMsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isoqvD3YdWZSjCLw0geAefdAzvrj4VT4p6jxYOfePOpLhPlp9mXsnTSGicTd4FshiO0Dlm4I6fZ7vkfWZLxOXmKbgw2Hg5NRfkob%2F89fkXQrcf37gvtNZEAsxb7mfEzWO%2FfL5fXGA3Q8YKuYAUpZ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 84754969b9c339ff-YYZ
expires: Thu, 18 Jan 2024 08:26:00 GMT

GET
H3 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame EFA1 60 KB
61 KB 105ms
104ms Font
application/octet-stream 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-guploader-uploadid: ABPtcPoMV5P_itu8tkXPjWBn1n0k5MlWtyp4oRj2r6h9HwBulD6AYMRjrCy4kGdjDW3BOBbggc4_cF4_j2dpQ3UtR8sYvHJih8ZZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oUvGROwn5ihVshyDxo5O7nAB%2BOYVhPNCSe5wIwNc7dO%2FvHxq%2BCszUXgu4Kjwfsp1K2%2B0f0fc%2Fc2ac%2BCthqwB2HnfMGLuHR%2BYS3BWG0XdVB%2FrzN4gDEZnl5kJt365DkEnFa2MI%2B2RFvsc3L%2BS2vL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 84754969b9c439ff-YYZ
expires: Thu, 18 Jan 2024 08:08:26 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame EFA1 0
926 B 136ms
135ms Ping
text/plain 2606:4700:3037::ac43:b0a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-7f04b3f0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b0a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 07:57:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQH1FanKZzU2xWGJCW%2F3m2xwqa06qfMFpdjbF4R8H9f11SaodSgUo7nL%2FF2Kdv9Skrachmbe%2BH2MR4MXEON5d1n4FzC34qR6YgUEIXbvSoDA5KVGDuHT%2F2ATbQyau9WsmzRy2AcWr5wX59D1lg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8475496a5aa23703-YYZ
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EF2D 42 B
64 B 173ms
133ms Fetch
image/gif 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstapCYe0eILQa4b41ZgsG2yLjpGNAdp8UYYSbRRZSRLFVd8NVUx1vuLVCD0Xx1TVhJbLI-_R5ez88WUYoS0LQYDF_lgRI8ZtacuKHabjp3ym1wVkyluYoVN&sig=Cg0ArKJSzAw8ZI1x8QRZEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=164,847,1000,1000,1000&tos=164,683,153,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1705564641596&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 07:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 07:57:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0556 13 KB
5 KB 124ms
123ms Document
text/html 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 130085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:49:18 GMT
expires: Wed, 15 Jan 2025 19:49:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2236 829 B
1 KB 539ms
159ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5413e43c9c29beb22ac8ede9d2653b6aa1ae7748ea09da0f2541a77f241f444

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j1sFssUz5RHOQmX1S6Jx9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kozow.com.getstat.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-j1sFssUz5RHOQmX1S6Jx9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 07:57:23 GMT
expires: Thu, 18 Jan 2024 07:57:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0556 39 KB
15 KB 111ms
111ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 07:09:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0556 0
10 B 115ms
114ms Image
text/plain 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?W1poEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 07:57:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2236 0
0 123ms
122ms Image
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240116&jk=2748493985392870&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 124ms
124ms Image
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240116&jk=2748493985392870&bg=!q6ilqOfNAAa8BdJLnAU7ADQBe5WfOOCULBI1BZakdMWFURa-jwTsgWvvQ3lL6DNyHxPP7a3I0ZhxDEODmp4wkjFQGPXmAgAAAHFSAAAABGgBB5kCw-oUEtbm8dDZtQpHMscz-MsUqYuf-jG4YDgvocc4mAUuAIU85iJ-qZJiqxW_QwAGyXEVGT5uD5eG3xKrdtmirrZA9luvKlwc30P0TEC8VfJNEyjDDlrB5wFlyngFzsyQ_PvfrYtcfSKBHJ4vnD1FNZ19TsBo3nignysfE3C0vnfOboU7dx9yNlIoKdQFzYZv7LK8BP7jypQ13vur81tmTSOU3xvxNVTO-Hd26n-NgokeJLaBkhG14MQoJE9yGfAhsQaOvOvJjspUFZohHjGPxN8KTFnNSyJ0snAFYxGJKG_Ko4s3NNhnsxDUVkQgIamjHtIUj09DC986PLioZ540xpErCBCFgdf2qQRbOe0lXxF_hOSYsaSTpebK4NJq8pdi3KnHeZ7Wzr_NKPxw7YQzkBjbUwwGK3lwhi1TwaafD5LkXyx3kXS73cwMX1O0xn0hCelSWrRAxKzvMSW8oKZExHNTTUjLTsLH_tBJ9msdcc5nj7R8Qf6xd8TEf11xZIU9No3LXW5cGF5B8pnwF8bW4l0DtyHkQESeoKRRTLZRFFXvATEbsVoiWBzD9kmNQzVAKDxvlPp9NJMXXmRzjQPhc3t5U58IOPmUiDCvYEj9OmiJHc6WLI8A615Psg5bk3MTLpAZN_fOUTssRtgiRJxTAVw4WZuuLMh_FF_Zpz0DT3xOofbQn8g8noc3_XDtKCtb-JHJwntpTU4kPu0ibGnz8wnMmkPD3UYCzHYFFzy1MYBl0BES-4Fjba2uaLoYflZkRogSQ6MM23fDWRjJKcy8ezzrH01_En15S842_I3DU5ADrHb7Sl8vKsMiPe9mtEd6n6l71gJcWdNjqLLUBUJvZS9UBxU7JDI272WCvjt2bo2eKdNgmvBfydj1vt-uhoL0tC7Dfc40dZuSQHjoiYWnD4gx6vXfGer5yHzyFwUrHv3PDhK5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kozow.com.getstat.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.getstat.site/	1970-01-21 03:22:04	Name: _ga Value: GA1.2.1280169661.1705564640
.getstat.site/	1970-01-20 17:47:31	Name: _gid Value: GA1.2.1451235052.1705564641
.getstat.site/	1970-01-20 17:46:04	Name: _dc_gtm_UA-186866562-1 Value: 1
.getstat.site/	1970-01-21 03:07:40	Name: __gads Value: ID=8734e2c284b53277:T=1705564640:RT=1705564640:S=ALNI_MbiMEhN-X4aRwXoFbwcYuZ55sqzNQ
.getstat.site/	1970-01-21 03:07:40	Name: __gpi Value: UID=00000db82cf5da9a:T=1705564640:RT=1705564640:S=ALNI_MaJnWVEsKVNc6ZlNUCBgDn6OoAzXQ
.getstat.site/	1970-01-21 03:22:04	Name: _ga_1N550D2FWN Value: GS1.2.1705564641.1.0.1705564641.0.0.0
.doubleclick.net/	1970-01-21 03:22:04	Name: IDE Value: AHWqTUn6Hn1QL-MMCakyR6TjKueOY-FOZPD-yMqeCHIjwE_rpzaOGw_EmuAVRR8grKU
.bidbrain.app/	1970-01-21 03:22:04	Name: uid_cross Value: 35bfe20a-b5d7-11ee-a166-c23638a99d9d
.bidbrain.app/	1970-01-20 17:46:11	Name: sid_cross Value: 3506afde-b5d7-11ee-8967-26dad92b4d84

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bidbrain.app
cdn.getstat.site
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
g.bidbrain.app
googleads.g.doubleclick.net
img.getstat.site
kozow.com.getstat.site
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
144.217.167.229
2606:4700:3030::ac43:d611
2606:4700:3037::ac43:b0a4
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c19::71
2607:f8b0:4004:c19::84
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::67
2607:f8b0:4004:c1d::9b
2a04:4e42:400::485
2a04:4e42:600::649
02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20e318cfcd1437bbf677b48ca508909fd435b821559ba9ad6e987a1fea044dec
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
373ae99829f03abae87b0ddd967c793ee99cd1ec1967144956a3b0ec86770b4b
39a1b61874ba52e465d4953bdd1f2ea9f6735a823a51ca2628c00c2ee8114b64
457010f73ee97390dea24ec81101becd2965b38e7e5aa6135f1888347bd185a7
46354e83d1f6b5f3577f3e8f258afe345de3546f07017460d450aa668eb21692
4737925386b05195b3d67c66857d5a5ae442f5fd158f08eea12d8fd67b992e80
50e90fe12ea1ff8f951d56d8261f1da632c71324a280345dc63df67eb87508b8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b44d9e10308a9bd487f53c8464c5fd782b5305830e6197ba288a35b49447f2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798
68edf98ade838a27f6ca64af76c084aeef1f8c2deff1939a8bc23d08f4fead18
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4f444da09f112d289a39e7050f2e9c61103801993fc384c3618a30e577ec3c
7431894e020842c4137aed86061bd392bf22a9bb9b950402892f7501ce4c8909
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
9086a123cccfa3b8f3ef391cc8966335fef5b058facc2260ab372c4eda0e1b65
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9918f7e977602aaa5909e5c9211d106f25b7ca678b19d17395a0eac9cc171cd5
a05debfbeaa4f876734a1ae2b02a31901467e93bcc6f961a460f62d2cfc9bb60
a3dd17c42b9fa7d2430f3074cfe688e20c132ea589cb8217758290457a0b9af1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b75407fc7aaf0ae6ab623f528a640324513783f7701a77b8e9707de8a239de38
bd765e7be903cee691b2b144b95959767e316c7ba0d578073ca52094b930082b
c5413e43c9c29beb22ac8ede9d2653b6aa1ae7748ea09da0f2541a77f241f444
cfc0fcac80084fcc9ee9e62cd96e4d419c3428838d4543e07240d8937dd3271f
d1b97714c51cc071c5fda0cf4e779a07cfdd8fcfeb53346980f672010052814a
d27e980d821ec562661f24cab514474d7be86a742b5e915fa6c7efd21e77aaf9
d4d5f38e4d69b341b5e2540a60d6e3948a92ed23487d9a49fb79514a3c25a675
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6ce2d4edef08a7d3b6df8c05cc998f2edd0e010b8b2bbe3f7b5f0f00d56ca7a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f8e7c2effb0e046210c0c3d4b97653ef111a981b4c750f0398203308092f6a51
fec0b545f7dac7692fc23cfc896b47c235dea4d7931bbf3d7378f6b7e65f4143

kozow.com.getstat.site Open in urlscan Pro 144.217.167.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

93 %IPv6

11 Domains

16 Subdomains

15 IPs

2 Countries

2344 kBTransfer

5385 kBSize

9 Cookies

32 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kozow.com.getstat.site Open in urlscan Pro
144.217.167.229 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

93 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2344 kB
Transfer

5385 kB
Size

9
Cookies

106 HTTP transactions
5 data transactions