a.sdmtkj.net Open in urlscan Pro
2606:4700:3031::ac43:b6ef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://a.sdmtkj.net/
Submission: On October 07 via api (October 7th 2023, 2:59:42 am UTC) from US — Scanned from US

Summary HTTP 96 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3031::ac43:b6ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.sdmtkj.net.
TLS certificate: Issued by E1 on September 15th 2023. Valid for: 3 months.

This is the only time a.sdmtkj.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::ac43:b6ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4004:c0b::9b	15169 (GOOGLE) (GOOGLE)
8	40.73.71.59 40.73.71.59	58593 (BLUECLOUD...) (BLUECLOUD Shanghai Blue Cloud Technology Co.)
1	2606:4700:303... 2606:4700:3031::6815:450f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.83.153.90 172.83.153.90	201106 (SPARTANHOST) (SPARTANHOST)
2 19	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
3	23.212.148.27 23.212.148.27	16625 (AKAMAI-AS) (AKAMAI-AS)
7	23.39.174.51 23.39.174.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
1	23.40.207.176 23.40.207.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1 1	142.251.167.157 142.251.167.157	15169 (GOOGLE) (GOOGLE)
1	34.160.55.127 34.160.55.127	15169 (GOOGLE) (GOOGLE)
1	104.117.182.8 104.117.182.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
96	17

16 2606:4700:3031::ac43:b6ef (United States)

ASN13335 (CLOUDFLARENET, US)

a.sdmtkj.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 40.73.71.59 (Shanghai, China)

ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN)

www.ad.siemens.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:450f (United States)

ASN13335 (CLOUDFLARENET, US)

d.yzh.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.83.153.90 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)

cravatar.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4004:c17::9a (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.148.27 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-148-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.39.174.51 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-174-51.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::93 (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.207.176 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-176.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.55.127 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 127.55.160.34.bc.googleusercontent.com

akl-navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-8.deploy.static.akamaitechnologies.com

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	427 KB
16	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	123 KB
16	sdmtkj.net a.sdmtkj.net style.sdmtkj.net Failed	450 KB
11	media.net contextual.media.net — Cisco Umbrella Rank: 780 warp.media.net — Cisco Umbrella Rank: 2913 lg3.media.net — Cisco Umbrella Rank: 7536 hblg.media.net — Cisco Umbrella Rank: 2435 cs.media.net — Cisco Umbrella Rank: 1684 akl-navvy.media.net — Cisco Umbrella Rank: 19690	104 KB
8	siemens.com.cn www.ad.siemens.com.cn	202 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	603 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	235 KB
3	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	352 B
3	gstatic.com www.gstatic.com	17 KB
2	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 21388 qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2381	39 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	cravatar.cn cravatar.cn — Cisco Umbrella Rank: 517182	2 KB
1	yzh.li d.yzh.li
96	13

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net a.sdmtkj.net
16	a.sdmtkj.net	a.sdmtkj.net
15	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net a.sdmtkj.net
10	pagead2.googlesyndication.com	a.sdmtkj.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	www.ad.siemens.com.cn	a.sdmtkj.net
4	www.googleadservices.com	a.sdmtkj.net
4	www.googletagservices.com	a.sdmtkj.net googleads.g.doubleclick.net
3	hblg.media.net	googleads.g.doubleclick.net a.sdmtkj.net
3	www.google.com	3 redirects
3	contextual.media.net	a.sdmtkj.net contextual.media.net googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	lg3.media.net	googleads.g.doubleclick.net a.sdmtkj.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	qsearch-a.akamaihd.net	a.sdmtkj.net
1	akl-navvy.media.net	contextual.media.net
1	cs.media.net	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	pxlclnmdecom-a.akamaihd.net	contextual.media.net
1	warp.media.net	a.sdmtkj.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cravatar.cn	a.sdmtkj.net
1	d.yzh.li	a.sdmtkj.net
0	style.sdmtkj.net Failed	a.sdmtkj.net
96	23

This site contains no links.

Subject Issuer	Validity	Valid
a.sdmtkj.net E1	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.ad.siemens.com.cn DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-04-09`	a year	crt.sh
d.yzh.li GTS CA 1P5	`2023-09-20` - `2023-12-19`	3 months	crt.sh
cravatar.cn Encryption Everywhere DV TLS CA - G1	`2023-06-30` - `2024-06-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://a.sdmtkj.net/
Frame ID: 6B7F27D421BEE68A6BBBE67F41B7BBAC
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 0B357AF8F08AAF2A99450256C85B6D51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091597399145780&output=html&adk=1812271804&adf=3025194257&lmt=1696683553&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fa.sdmtkj.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696647553426&bpp=5&bdt=2453&idt=221&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2972522782892&frm=20&pv=2&ga_vid=1929406456.1696647554&ga_sid=1696647554&ga_hid=540031465&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C44801485%2C44804782%2C31078301%2C44804939&oid=2&pvsid=3683202234528459&tmod=861714328&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: 47B17736ECCF56B750A3633B2F10EF2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: D66E6D3837EBDAB0B03462C1428F1B70
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: CCE9B51A605731BAA1A33EF7CDCB0AF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 41F3524534600D164BC06C96ABCC4A90
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4B2B47A4C81376D49140E3E866CDA233
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 2A4E76CF4A1FA63216FBBABEB5906263
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BD5DA382B4096F97B9BE0F2BADAE4EFA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 88E70604039E048BD962C2438C39B2D8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2EF281809586B15457C226C60CBA8097
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 134476103CDC1C5713EA076EB10131B8
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2950&&kkdd=nW%7C3%7CAHn9*&En=zKbKKUNBBBzkzzuKNbU&)Si(=h&PJiA=h&wSE=zhkK&cJwo=Z*Nb&wnS=kXDNrNNz1&wiwS=rwd)la-R7t1-jz776((tws%3D%3D&w(nS=UkzbNNb*B&JnYo=zKhaKhh&ww=D8&Jw=.Z&wImP=_ygC4fv&inS=kp4KNgvu8&cinS=~z1uKKk&IcciJ=z&(((=cYg6IZw26Zk._ZWaQKloU.kDUaFT6l0u&mJo=B&2s=z&R)S=U&AScz=kXDDbt.k_&ASc*=zzK*zzhbz&TSAcA=JS*%3DmR22VnR(272%3DzhVl)o(iP%3DhM*BVSlP7T%3DhMKbVJwS%3DH2V(Ao%3Dh%2ChVSlP72%3D*hVE2*(7JS%3D*h*uzhhKzhVnR(27T%3Db*UMubVR(27cqw%3DhVR(27(*A7T%3DhVJcS%3DAJsnHc7u7IlJcV(Ac%3DhMhhh%2ChVni%3DvlS_qiHmbjqnHAUpvPJ1CVHTT%3DhV(nniRA%3D*%2C*V(w%3DzV(iJ7JS%3D*h*uzhhKzNV(ASE%3DhMhhh%2ChVR(27T%3DzMhkVE2*(7R(27T%3DhVR(272%3DzhVJ2E%3Du*MKzV)wAc%3D6zVTT%3DzbKVo(iP%3DhM*BVE2*(7R(27qw%3Dh1hViJn7w%3DzK%2C*%2Ch%2Czh%2Ch%2Ch%2Ch%2ChVTP%3DzViJn7S%3DNBhV(qo%3Dh%2ChVAui7T%3DBMUk%2CKhMz*VJS%3DhVRnS%3Duubkn_ZtZkIS5qk)5rVwE2*(7T%3D*MzVTcS%3D**UhbhKbkKzKKKh*zUUkzhkhzhkUNhUU*NhNNhbhKN**BzKbuhhBbBzhuuUhb*zNuBbzNbNKbNhzhkNKzBbzzhuzk*hz*BuUkKuhB*kVRnP%3DhV(qc%3DhMhhh%2ChVl)S*i7T%3DhMbkVJJ%3DfyVww%3DD8VqT7S2%3Dm%2FAVRns%3D6zVwo%3DhV(wE%3DUuMzKVXL%3Duh*zVqT7Rw%3DzVmcJ%3D*VqT7R2%3DYIVqT7wwqJ%3DhVwc%3DcAPiAVTJJ75~O%3Dfy%2CfyVTAJnJ*%3DzbKVTAJnJz%3DzbKVqT7cc%3DhVSw%3DkVE2*(7T%3DBMUkVcc%3DNBhVR2P7i%3DhMhKzVEs7oaw%3DhMb*VEnJ7JS%3DzBkVR(27(iJ7T%3DKMKUVSw*%3DzVE7AJm%3DbhhbV2AJc%3DVwEl)%3D*MzVEnJ7R(27T%3DhMBBVE2*(7n7JS%3D*h*uzhhKzhVEnJ7R(272%3DhVoc%3DzBVE2*(7n7T%3DhMhuVEnJ7T%3DNN*Mz*VE2*(7R(27En%3Dz16zKVR(27cEn%3DhVEE%3DhVwE2*(7JS%3DzBUV(HE%3DUuMzKV2*(7T%3DzhhhV(ASi%3DhMhhh%2ChVJnS%3DUkzbNNb*BVR(27(iJ7qw%3DhVqT7J(w%3DqTTVEsR%3DhMb*VS*i72%3DzhVwE2*%3D*MzVuiwH%3DzhhhVl)7PJI%3DhMhbVSPP7Jc()%3DIA(PlmjVS*i7T%3DzV(iJ7T%3DKhMz*VR(27J(iJ7T%3DKMKUV(qsi%3DhMhhh%2ChV(qsS%3DhMhhh%2ChVnJgoH%3DhVnJnH%3DhVR(27(iw7T%3DhVTnS%3DhM*BVqT7ic%3D_lPoiA)oVR(27(iJ7(E%3DhVwTSi%3DhMhkhVncjio7nS%3DzNVJo22o(7cA)7nS%3DAJsnHc7u7IlJcVJRii2j7cA)7nS%3DVSocowcoS7cA)7nS%3DAJsnHc7u7IlJcVEnosATn2ncj%3DhMb*VilJ%3DzVAw7cjio%3DzVAST2q%3Dzkz**NzkhuVAPi%3DzVl)TnS%3DhM*BhVTH2(%3DhMhzhVJRnS%3DVScw%3DsoJc7l(VSPP7o(iP%3DHA2JoVSPP%3DIA(PlmjVTSiwAiS%3DhVSA2)%3DRmnJlm*KVJlTi%3DVanS%3DyWF6iRT6NhbzBbNubbzUBNkhVIcP2%3DzVAS7ilJ%3D%7B%22c%22%3Az%2C%22i%22%3AU%7DVSwRc%3DNhVSl)T%3Dh6zVowi7RJoS%3DTo2ls7d*BVowi7i*B%3DhMBbkzBNzuNBhKhbBuVowi7iBh%3DzMBhUuBbzNUBbUuNBKVowi7iKh%3D*MhNzhu*KhUU*hkhzVowi7iNh%3DuMzUNbKKhK*hNK*bkVowi7iNB%3DuMbzNK*hBUBNKhukUuVowi7ikh%3DBMz**ukNk*NUhbhBuVowi7ikB%3DKMNuKzBBNhkhzuKKbVowi7ibh%3DbMkNUkNuhzb*UbKB*Vowi7ibB%3DzkMKBbb*bhN*b*ukzKVowi7ibb%3DKzMBkNUu*BuzBKNkBKVnTw%3DzVmJY%3D*Vc)J%3Dz*haKhh%7CzKhaKhhVTJT%3DhVTJi%3DhVcPa%3D*h*&mcE=h&PPP=RFlJfHLWd1q%3D&ns=h&nmLH(=z&TS(LS=UKh&PwH=u*zU&jSJi(=z&TAo=-UAUUfd-Y%2F&qAci(o=z&qAcTnS=6zh*&wASlPAnm=cYg6IZw26Z6_8IfU*6RRHSmB4FI*nXhfKdSu*jUL8wx94_x7qjxlY)%3D%3D&nJnS=B&ASE=LmEoJcl(%20.lwRJ&i)nS=izKhhUBk**uc*h*uzhhNh*Bb&JJ2S=%7B%22JJni%22%3A%22*hhz%3AhBBh%3AzShB%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22JJww%22%3A%22D8%22%2C%22JJJw%22%3A%22.Z%22%2C%22JJwcj%22%3A%22cAPiA%22%7D&IcP2J(w=z&ure=1
Frame ID: DC16BEA86F2A18A755672F796651FA93
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: A7D7A890BC8A5D6B5A389968F8B2EFF4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: 33587413FE27C812CEF8F75EFBF12868
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: E970E4DAFD4166067E88EFC45EF3ED31
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js
Frame ID: E0F2F998878274EDF349CEFBEE0A63A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

自动化

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

95 %
HTTPS

50 %
IPv6

13
Domains

23
Subdomains

17
IPs

2
Countries

1602 kB
Transfer

3703 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CcVvBgckgZb3SLv6a2OMP6L2YwAak9MWzc_HR5vWyEfLs0uCyARABIL7NwAhgyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoE3wFP0JQ0nsa1vpNGJ_i01tscSmNMLc6Z5jabqoJNEMhd4Zz_A7Ry_-dycpRKVYfxMIRE_P5KSh0g2Qyut1YKBKPB6njnD_l2iOsiZepdTYheWsrybz8h6VaLAQbtnPWgcXuv5WnjnIAArwohB4PPr_mUYHIN0MCOmTYAr4_mUcUUctFvCJHV06kyoYvVi17w-g-pgNWxS9Vy3McSV-L38CxP85JlNcrKIn1Y0s7SttfYNjHVVIICLc1ju4TKeTzl_XOOwggeUO7SO2x0JUp4-1Ve5G4UjJT13qwAVp30p-OlwATq45HQrgSIBYOM149BkgUECAQYAZIFBAgFGASgBgKAB52HjpkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpMkE0ggUCIBhEAEYHzICigI6AoBASL39wTqaCThodHRwczovL2NhcGl0YWxvbmVzaG9wcGluZy5jb20vam9pbi1jYXBpdGFsLW9uZS1zaG9wcGluZ4AKAcgLAdoMEAoKEIDr4fudk_v0FxICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItNzA5MTU5NzM5OTE0NTc4MBgA&sigh=Pd5jbqEL2-g&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNmbML3oyR_VRqB0uMaWsYhT1rujBTcyf27oBgm-akiTd8gPccyBqL7XhLch_UaxeOPJC0CYB6gemXLBDT-wjGth2ZKrLHnu0YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220x919bf5c4a507a2480000000000000000%22,%224%22:%220xd98087ec7082604c0000000000000000%22,%225%22:%220x6aa4902334c88ca60000000000000000%22},%22debug_key%22:%2213295231937410771464%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22752647243%22],%224%22:[%2210-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223466854974810681889%22}&andc=true

Request Chain 81

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM5NjQ5MTU1MTUyNDAwOTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKhL4zX8U_2fdaxesKZotik&google_cver=1

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw7wHgckgZbzSLv6a2OMP6L2YwAaj7afdcOG85_WyEdKwz9KUDhABIL7NwAhgyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoE4QFP0EQb-kNQy3AAFMUA2ttoFdcfNq_ROHI0QQIWwUf0JLyv1UX9C55MxP2JP3QPkOj_zbcUnOAgNy5R5q1YohsP5aKRfZTdAZvTZN5PbzhmYG-rCsFeiEbY6NBnSug6wTTDpFcPUTSUJutoX98ryIiXZC1ag_qz1ttvEcsb_nr8H5VlTovPGNsf2bO3qxokr5iVXABmQHXDSoB-7c0OuOkcvM5TLtIbARdvib8jKJwVQFmOn8YDnfvnSE0AtqzIXt67AvEQDmQgoKmgB3ZefmxV4CXW1AOe0dp0WKlXBx942FvABIv6zfyhBIgF49qY6EmSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHnYeOmQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDssgLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJOGh0dHBzOi8vY2FwaXRhbG9uZXNob3BwaW5nLmNvbS9qb2luLWNhcGl0YWwtb25lLXNob3BwaW5ngAoByAsB2gwRCgsQgMDktfDSuJa3ARICAQPYEwzQFQGAFwGyFxwKGggAEhRwdWItNzA5MTU5NzM5OTE0NTc4MBgA&sigh=0l_ojm7F8Ls&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNmbML3oyR_VRqB0uMaWsYhT1rujBTcyf27oBgm-akiTd8gPccyBqL7XhLch_UaxeOPJC0CYB6gemXLBDT-wjGth2ZKrLHnu0YAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220xe4bd4c4187addf300000000000000000%22,%224%22:%220xd6601f57e8e222360000000000000000%22,%225%22:%220x6aa4902334c88ca60000000000000000%22},%22debug_key%22:%227313142138281937027%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22752647243%22],%224%22:[%2210-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223983832905649608433%22}&andc=true

96 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
a.sdmtkj.net/ 34 KB
7 KB 1633ms
435ms Document
text/html 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa3382a55d9b99db528067cbd9aaf2a6619a1e1968b2034d9b95996b147b5bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8122e2f5ca6c2257-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 02:59:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uej8WYWJutjFslgrxPd9b9JqQe5tr%2BktdXTx%2FaRJlKCveVJh27fgelNi7RIEj6fPXGtBpy6S8HuVMrSQNj7G%2FepMUUHmDfz%2BghNL%2BeAa%2FjCdV60%2FtYzjnBolvlc58aTHFiluohgjV9BwlIk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
a.sdmtkj.net/content/templates/stu/css/ 62 KB
13 KB 749ms
748ms Stylesheet
text/css 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/css/style.css
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9944d4fb0a3fddcfb6b6baccd4ca9aa8923d856102b933b2da0a1d52f15b83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-f97b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJU%2Bkf79S2T1mx2DzSN%2BsGv3llWmeEWw7intTBwhiv5umcGMKYsP429U2NQDJh9CNmPfAMuYNMDkIgvMwxy3N13O7t7s%2BVTgSctLtEX72z4HZ93kBfIYwTG0szcuGmTUcRWScEJmmI1E1Zk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8122e2f9ae942257-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.2.4.min.js Show response
a.sdmtkj.net/content/templates/stu/js/ 84 KB
31 KB 761ms
760ms Script
application/javascript 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/js/jquery-2.2.4.min.js
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-14e4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ghK2iVqGO2XOUKu1e7FL37bCLdlQ5GGqvKQmK94vk3O%2FfUGcfz8HFC3SSc1bqwXjOX8BuePSkvp5dyjHicRAsr4Eky2%2FTgwDLrG6%2FulqPEHRWhVjro5n0TbP6R%2F2zUTiJHlJMCO5BoZmrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8122e2f9be992257-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 markdown.css
a.sdmtkj.net/content/templates/stu/css/ 2 KB
939 B 396ms
396ms Stylesheet
text/css 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/css/markdown.css
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ac20905640bfabbe441ace41c3cb9cbd0b15c5ecd613bd69a45e59a4e32a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRp7tdro5uPuiurOi9DsPeBTQRIGIzY5k0tVaMWfLnKukKRPP1aOh56fg8m0I%2Fw3XukJkz5ZY3O44tY%2Bn1WgFg4I1jXAyCgz%2FteFGBFaKzduUaPbbAZa2zunvuI3tGkVZYB8BRpd2UNVFZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8122e2f9be982257-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 common_tpl.js Show response
a.sdmtkj.net/content/templates/stu/js/ 6 KB
2 KB 395ms
394ms Script
application/javascript 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/js/common_tpl.js
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2a08e307666a1ef83cf84bda431a88c8f91cfe5ba2fe96fa1daf80651d5bf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-16ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1oe1m4FFcr%2FbehGkcuG1AwmIwlhaQLUV3ggSuAvXobGj28RnOJ3kP%2B%2FrqKXV%2B%2FolpgHCkv%2BWdRxEUOSH9%2FQZN7ctYgkcmSh88bfz0PLyvHmdXKWm5pzMbDjYQIMDxMpDJe6TDrykgoqzqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8122e2f9be9a2257-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 213ms
96ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34f21d5006083af518abb1d97998dc48a494a836ff06ceb311af1b59abc6f61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50834
x-xss-protection: 0
server: cafe
etag: 17728731793263782392
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:13 GMT

GET
H3 200 blogoimg.png
a.sdmtkj.net/upload/tpl_options// 236 KB
236 KB 780ms
777ms Image
image/png 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/upload/tpl_options//blogoimg.png
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b36888f2f506af18ebb9927b27d81f32aae76e3d546cf71144cd532a684b460

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 01:57:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63bf6917-3afad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO7Kke3DR4cWbICjqLcuuj%2Bfk2xHsz2C2Tb2gDOg0XDRb0VRZu4Xzyf2bDF7RsSPOIqdlW%2FPGwx2cEaKHQKFy6%2B2C0H1yUwpqgRST1x1Y2UdMS60pQZBaw0nQPXbrcV%2FPhU6rKNjd2R9q5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8122e30718e25f1f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 241581

GET
H3 200 avater.png
a.sdmtkj.net/content/templates/stu/images/ 879 B
1 KB 392ms
390ms Image
image/png 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/content/templates/stu/images/avater.png
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5ceebe91010b8ecc58f7f1877dbd9ad53c72e15a97efd12b8fa98a1486eda3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62dbf542-36f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FBE4MdsIOw9Y9dCSf6ij0CVPMOVlrPFOjNGxgSjeITUPsxIG3i4eJsOKKZFO%2BrFNJeUPPgMo%2B11lp4Lwq2ulHc6YBXNFvl3dY9reH3rJdHiBN3UGjfSsJLmsc%2Fx32D%2BdsGz7XJboVJyMp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8122e30718e35f1f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 879

GET
H/1.1 200
OK 6-1.png
www.ad.siemens.com.cn/productportal/Prods/S7-1200_PLC_EASY_PLUS/07-Program/01-operation/images/ 57 KB
57 KB 3608ms
478ms Image
image/png 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/S7-1200_PLC_EASY_PLUS/07-Program/01-operation/images/6-1.png
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7f7954d1bd9ba5009e45077bd7cd270445cd3fb5101184ad0abd89ee39ff33ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Mon, 24 Jun 2019 10:26:28 GMT
Server: Microsoft-IIS/10.0
ETag: "0625048772ad51:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57878

GET
H3 200 4.jpg
a.sdmtkj.net/content/templates/stu/rand/ 9 KB
10 KB 398ms
396ms Image
image/jpeg 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/content/templates/stu/rand/4.jpg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547424707979a3481886637fb7f1b3815fa0b64df631818e38d68373e7cc6b22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62dbf542-2543"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEjS%2BrrQkiXZy5S59qB4A5JbCuK%2BvBDKDgYL4bvUzvai2WJ%2FnIeE9pF9lw1QjZthwsnAZBJi5cvQKDloE0rviX9DP9yGxOjxLjkJ3%2BSTSKMdCLlY740fftyH2n0Lt%2FPapLqytT4dYrhsK74%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8122e30718e45f1f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 9539

GET
H3 200 6.jpg
a.sdmtkj.net/content/templates/stu/rand/ 7 KB
7 KB 391ms
389ms Image
image/jpeg 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/content/templates/stu/rand/6.jpg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c58d1418a3ddd5ea540894ca5049e8098e3ae7ce2cfa70c44323255ddde229

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62dbf542-1bca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UZkJYrbgnHuoSXaJWpBVaP56XLrboQ9hYNvAaCt5OpVpAfjkHn8Ldgoz%2BzWWYSoGaerFy1SIISwtGBtbfaQgnd7XmTpYaxcRrLvgCfLCVaX5bKtRA7aRKuNVBZtuU4wANvlXpNOvAnfxr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8122e30718e55f1f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 7114

GET
H3 200 side.js Show response
a.sdmtkj.net/content/templates/stu/js/ 11 KB
4 KB 436ms
436ms Script
application/javascript 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/js/side.js
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3154a07914e3b7b29829285e1281af372cb90b9da7d42e6d553eb399937680

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-2ccb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUDpp10IYC%2BeDmDpN9zKlybFVHy095Se1uoNOFrXZ8b3ToVC5rJv0%2B%2F40bJFOj0OpKZzfKjjR%2F8nuzJbistnkbh7h5VA1bsPvfJOZ%2Bnv8KEFrSaYY3IqXkJCBhkPBCMyYwfe4KnznHb3Feo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8122e2fe6bd85f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tui.svg
a.sdmtkj.net/content/templates/stu/fonts/ 1 KB
1 KB 421ms
419ms Image
image/svg+xml 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/content/templates/stu/fonts/tui.svg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd83f84e54c8b3c7d513d9b23eb96f3ca718e2ac971bf3e6bc0ec144ed3aff28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-5f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra8g4NdJQJPovcDItFm5%2B6KLX9i56TZHxyGrIEJffjL5IqJbucR8W3nzaJGSIH3hPyLNTtV%2BKrZiVA2YwzAYjzSJCaUQdie1MCszhA4b5a8zm4OzzUJWfmnGXnCaE6mzXhy136k%2FeNaUfY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8122e30718e65f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK rcv_clip_image002.gif
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/communication/serial_port/freeport/image/ 3 KB
4 KB 3383ms
246ms Image
image/gif 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/communication/serial_port/freeport/image/rcv_clip_image002.gif
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44a165fda7b94826122462acb88d30aff45fb91a3f030cd7def85461c1f33d10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Wed, 14 Jan 2015 08:31:16 GMT
Server: Microsoft-IIS/10.0
ETag: "0626a76d42fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3564

GET
H2 200 tBUo8W
d.yzh.li/ 0
0 2479ms
891ms Image
text/html 2606:4700:3031::6815:450f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.yzh.li/tBUo8W
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:450f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H/1.1 200
OK communication.GIF
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/200_SMART_485upload_download/pic/ 9 KB
9 KB 3382ms
242ms Image
image/gif 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/200_SMART_485upload_download/pic/communication.GIF
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2168c3e99eb56ea9b678e5f67c7845b9e393b0a3751f95c29befd0c4be184a6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Sun, 13 Aug 2017 01:40:34 GMT
Server: Microsoft-IIS/10.0
ETag: "015c427d513d31:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9009

GET
H/1.1 200
OK Question_Mark.jpg
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/images/ 10 KB
10 KB 3390ms
242ms Image
image/jpeg 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/images/Question_Mark.jpg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b11c5197e82e6bd9c947c7cfb528bdba6150a50ea5e54cfbaf17545edcafcefa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Wed, 01 Jun 2016 05:14:24 GMT
Server: Microsoft-IIS/10.0
ETag: "0381c76c4bbd11:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10061

GET
H/1.1 200
OK firmware_upd0.PNG
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/software_firmware_upd/image/ 27 KB
28 KB 3630ms
474ms Image
image/png 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/Microwin/Getting_started/software_firmware_upd/image/firmware_upd0.PNG
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e403730b26c192b9923275d09607dab18bdfe3c21ef523106cd8f00784000687

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Mon, 14 Aug 2017 05:06:42 GMT
Server: Microsoft-IIS/10.0
ETag: "0dd141ebb14d31:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27708

GET
H3 200 48.html
a.sdmtkj.net/200smart/ 14 KB
14 KB 453ms
452ms Image
text/html 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/200smart/48.html
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rBrkP28%2FVRlBaaNOadglBbIw5DSauI9CwSNN4diVFOQYgfYw8lY2EyEtlEPizKbmKaU5m8O9QQThZdpR%2BPlPIFXRe9UjJZZbUnqb%2FPX9TSoQU18uO%2FZ0kHa5Ba6fEZjfn98XCTsbYaz05o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8122e30718e85f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK project%20password%201.jpg
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/software/password/image/ 22 KB
23 KB 3726ms
527ms Image
image/jpeg 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/software/password/image/project%20password%201.jpg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6750ae8f8005fe0140daaaf2a5af0b5ad33564e8031e294ce973ae2331a3e10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Fri, 24 Aug 2012 01:12:44 GMT
Server: Microsoft-IIS/10.0
ETag: "0e9e909581cd1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22873

GET
H/1.1 200
OK System%20security.jpg
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/software/equipment_config/config_system/image/ 71 KB
71 KB 249ms
249ms Image
image/jpeg 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/software/equipment_config/config_system/image/System%20security.jpg
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b056c3903c85a89c7102b8f63f0fcd12e201607832ee5efc8c04060c778f565a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Fri, 24 Aug 2012 01:31:56 GMT
Server: Microsoft-IIS/10.0
ETag: "04e433f9881cd1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72272

GET
H/1.1 200
OK 3.gif
www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/images/ 329 B
600 B 247ms
247ms Image
image/gif 40.73.71.59
BLUECLOUD Shangha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad.siemens.com.cn/productportal/Prods/s7-200-smart-portal/200SmartTop/images/3.gif
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.73.71.59 Shanghai, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2bbb64ac6b21c2e0e6be368fb630f5f574c86787588ee95c007531325881cddf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:16 GMT
Last-Modified: Fri, 14 May 2004 00:48:06 GMT
Server: Microsoft-IIS/10.0
ETag: "0277d1e4d39c41:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 329

GET
H2 200 d41d8cd98f00b204e9800998ecf8427e
cravatar.cn/avatar/ 1 KB
2 KB 1400ms
109ms Image
image/png 172.83.153.90
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cravatar.cn/avatar/d41d8cd98f00b204e9800998ecf8427e?s=40

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.83.153.90 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Cravatar-Web /

Resource Hash

4f40a7bc63ceacdc8c161c2088714574c49036e6533c1ae48dc963715700b45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:14 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
x-cache-status: HIT
avatar-from: default
last-modified: Tue, 25 Jul 2023 16:50:07 GMT
server: Cravatar-Web
vary: Accept-Encoding
by: cravatar.cn
content-type: image/png
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=300
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type

GET custom.js
style.sdmtkj.net/stutimes/ 0
0

GET hc-sticky.js
style.sdmtkj.net/stutimes/ 0
0

GET
H3 200 fonts.css
a.sdmtkj.net/content/templates/stu/css/ 34 KB
8 KB 614ms
614ms Stylesheet
text/css 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/css/fonts.css
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/content/templates/stu/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e55850a9e3ccfd95640925b9cc5196225d24cad5e40650c9fc1f92b9add66a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/content/templates/stu/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62dbf542-8865"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csUSroeCvqjZBFN0nUB2%2FiISpCjV0UgpEyM28VxnSiRVlJmRkQiLHhORqwyiqbgy6BBmORu3tNbETxbIx%2BqC3QUjjP3fezzKwPx3YZ4%2BLE9heDuLr4cwbV%2FWj2ViEySy6kwUBp75to2Ux54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8122e2fe6bdb5f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg.png
a.sdmtkj.net/content/templates/stu/images/ 70 KB
70 KB 742ms
742ms Image
image/png 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/content/templates/stu/images/bg.png
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8e0fdd2b5dbfa9847dbc35226f752ff361d60e44876e3066fcd6fc906a81c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62dbf542-1171d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgTJkQSd4%2BAMJiucY9dgkTXnjnDm7C%2F0v7Yot5bmJsktM7ppY%2FiB9HG2FfZwm7EBvPGkqjI6g4ov6NnS8XEINto84YzWQy2d4NIGMnRpcOlmQrwu%2FqBHw23%2Fzxp7QRTWJ1%2B2N7dlPw9bwgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8122e30718f05f1f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 71453

GET
H3 200 icomoon.ttf
a.sdmtkj.net/content/templates/stu/fonts/ 14 KB
10 KB 414ms
414ms Font
text/html 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sdmtkj.net/content/templates/stu/fonts/icomoon.ttf?f9aoc9
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/content/templates/stu/css/fonts.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72ef2d93de69193c846feb5d32b0fee6ffe732dd4bf8f2db53390ef951c23e1

Request headers

Referer: https://a.sdmtkj.net/content/templates/stu/css/fonts.css
Origin: https://a.sdmtkj.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Jul 2022 13:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbz%2B4WXS0ND%2FmuoIQsGBeP3wiKD9QCSffojeB4JT0AKVe0QriBQFgPait%2F%2FGzvSqypsZd8C8y53oAFX2dQYX8cAUZoNuEb39kEMjUlkmJCAConukpjwhzVjnLtROaGfKouFkdcJYhvsTzU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8122e30718f85f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 /
a.sdmtkj.net/ 34 KB
34 KB 522ms
521ms Image
text/html 2606:4700:3031::ac43:b6ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sdmtkj.net/
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b6ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY6eZ4EgsKuXYuSM%2FfKAUbVMhrxerin0Qf%2BJj0TA3Ha8DWXaxN4T7GWwGW9Arlq%2BAXYDmGyw9n6zoDEFMoup1vGsx7X1gM6V9Oaz523BPKJsPKQAW6Kp6DL7zetQ1uQLlavMX2pbbJqErgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8122e307493a5f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 389 KB
132 KB 96ms
95ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84464074fb580186f5564987d29422b8b6df50ce8c15d29ff621e3f18e01978b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135141
x-xss-protection: 0
server: cafe
etag: 8196354775565525060
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 0B35 10 KB
5 KB 164ms
54ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 84375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:32:58 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 03:32:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 172ms
63ms Script
text/javascript 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=a.sdmtkj.net&callback=_gfp_s_&client=ca-pub-7091597399145780

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf39f227c14b8f3070bbb850c4d0a8b209d3b74672378322a49617de5591e908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47B1 522 KB
100 KB 744ms
742ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7091597399145780&output=html&adk=1812271804&adf=3025194257&lmt=1696683553&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fa.sdmtkj.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696647553426&bpp=5&bdt=2453&idt=221&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2972522782892&frm=20&pv=2&ga_vid=1929406456.1696647554&ga_sid=1696647554&ga_hid=540031465&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31076838%2C44801485%2C44804782%2C31078301%2C44804939&oid=2&pvsid=3683202234528459&tmod=861714328&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=256

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb244a678b6de10843eb127e318d7997b9495f826bff45be4de1c9f5f6173a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101999
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:14 GMT
expires: Sat, 07 Oct 2023 02:59:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=header&cls=header-navigation&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 153 KB
52 KB 80ms
79ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a68ede237604cf9328dc697bfcd2a0251eeab9eb4c511396e0d64ed8a090fde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a.sdmtkj.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53307
x-xss-protection: 0
server: cafe
etag: 8449349811037046117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:14 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame D66E 10 KB
4 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 86109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:04:05 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 03:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame CCE9 10 KB
4 KB 54ms
54ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 86109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:04:05 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 03:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 41F3 10 KB
4 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 86109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:04:05 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 03:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 4B2B 10 KB
4 KB 57ms
56ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a.sdmtkj.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 86109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:04:05 GMT
etag: 2603938475786422795
expires: Fri, 20 Oct 2023 03:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D66E 4 KB
1 KB 180ms
65ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 01:41:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 02:59:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D66E 205 B
296 B 172ms
56ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:07:06 GMT
x-content-type-options: nosniff
age: 172328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 03:07:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D66E 604 B
1 KB 171ms
56ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 02:48:40 GMT
x-content-type-options: nosniff
age: 173434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 02:48:40 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame D66E 15 KB
7 KB 217ms
102ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:57:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame D66E 20 KB
8 KB 225ms
111ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:45:04 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 2A4E 99 KB
38 KB 204ms
71ms Script
text/javascript 23.212.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.148.27 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

989fe38b5ed726c69652cef9d2de00926bcfe948bf795791cef9a87a3455a300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-mnt-h: 22-cnr1
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 07 Oct 2023 02:59:15 GMT
server: Apache
etag: "625a8abd9786295d002b422eb94c7537"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-cnr1
timing-allow-origin: *
content-length: 38278
expires: Sat, 07 Oct 2023 03:04:15 GMT

GET
H2 200 release-20230823-110-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 2A4E 72 KB
25 KB 231ms
97ms Script
application/javascript 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230823-110-adperformance.js

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

4ce9f81b56777ca98376cd7e29fe960ae0bde99fe0c4824cbd1bc4227f5794d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sat, 07 Oct 2023 02:59:15 GMT
x-guploader-uploadid: ADPycdv0_st6l97LAZciq1UMm_aXhFvbgP6BYreXRO-4LhdCMHJZQ7LTN1T1smmy-E0mwvaRm_E6bC0gPvmlqXfK8Uknhw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25093
server: UploadServer
etag: "e0efafc336ec00578ef1e26d889bf129"
vary: Accept-Encoding
x-goog-hash: md5=4O+vwzbsAFeO8eJtiJvxKQ==, crc32c=AAyNXg==
content-type: application/javascript
x-goog-generation: 1692818194940975
cache-control: max-age=3600
x-goog-stored-content-length: 73239
expires: Sat, 07 Oct 2023 03:59:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2A4E 3 KB
1 KB 182ms
121ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2A4E 20 KB
8 KB 126ms
65ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A4E 187 KB
59 KB 62ms
56ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 41F3 23 KB
9 KB 167ms
122ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD5D 143 B
166 B 55ms
54ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:13:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 41F3 3 KB
2 KB 95ms
54ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 41F3 20 KB
8 KB 95ms
55ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:53 GMT

GET
H2 200 15476810652428231288
tpc.googlesyndication.com/daca_images/simgad/ Frame 41F3 16 KB
16 KB 171ms
133ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15476810652428231288

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714caeebfa40e7dbd6d7cb7f36b1aae2ac20ce63bca0e9974430538635356422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:02:48 GMT
x-content-type-options: nosniff
age: 240986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16258
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 09:42:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 08:02:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41F3 187 KB
59 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 41F3 36 KB
15 KB 204ms
166ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:37:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 4B2B 23 KB
9 KB 167ms
160ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88E7 143 B
166 B 59ms
56ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:13:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4B2B 3 KB
1 KB 154ms
153ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4B2B 20 KB
8 KB 145ms
144ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:53 GMT

GET
H2 200 16156272816787907766
tpc.googlesyndication.com/simgad/ Frame 4B2B 22 KB
22 KB 178ms
175ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16156272816787907766?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql05QavAnYUfHrXpHDAPae66tQi-Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52eddc03e239ed803badad64b5af87f0ba0c285248cdb4e50fe32858ad7b27e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:18:39 GMT
x-content-type-options: nosniff
age: 240035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22813
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 14:14:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 08:18:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B2B 187 KB
59 KB 61ms
57ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:14 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4B2B 36 KB
15 KB 168ms
165ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:37:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BD5D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
70ms

Document
text/html

2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
expires: Sat, 07 Oct 2023 02:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2EF2 14 KB
1 KB 66ms
65ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Oct 2023 02:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 01:41:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2EF2 2 KB
950 B 109ms
109ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 2EF2 23 KB
9 KB 108ms
108ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1344 143 B
166 B 56ms
54ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:13:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2EF2 3 KB
1 KB 116ms
113ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:35:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2EF2 20 KB
8 KB 111ms
108ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EF2 187 KB
59 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 2EF2 37 KB
16 KB 57ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 03:01:41 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
70ms

Document
text/html

2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
expires: Sat, 07 Oct 2023 02:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B2B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53b36233c151d3f4e3dd72cfc8e2ab8b1d3af5bf4ea8cbeb33a5bca365bedad7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1344
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
64ms

Document
text/html

2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
expires: Sat, 07 Oct 2023 02:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 02:59:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 2A4E 119 KB
39 KB 200ms
63ms Script
text/javascript 23.40.207.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.207.176 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-207-176.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 55d7781b8c607a7c2883823a7b6a83df9d9d099069dedb67655fd8485ccf91c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 07 Oct 2023 02:59:15 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 39752
Expires: Sat, 07 Oct 2023 03:04:15 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame DC16 78 KB
30 KB 231ms
230ms Document
text/html 23.212.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2950&&kkdd=nW%7C3%7CAHn9*&En=zKbKKUNBBBzkzzuKNbU&)Si(=h&PJiA=h&wSE=zhkK&cJwo=Z*Nb&wnS=kXDNrNNz1&wiwS=rwd)la-R7t1-jz776((tws%3D%3D&w(nS=UkzbNNb*B&JnYo=zKhaKhh&ww=D8&Jw=.Z&wImP=_ygC4fv&inS=kp4KNgvu8&cinS=~z1uKKk&IcciJ=z&(((=cYg6IZw26Zk._ZWaQKloU.kDUaFT6l0u&mJo=B&2s=z&R)S=U&AScz=kXDDbt.k_&ASc*=zzK*zzhbz&TSAcA=JS*%3DmR22VnR(272%3DzhVl)o(iP%3DhM*BVSlP7T%3DhMKbVJwS%3DH2V(Ao%3Dh%2ChVSlP72%3D*hVE2*(7JS%3D*h*uzhhKzhVnR(27T%3Db*UMubVR(27cqw%3DhVR(27(*A7T%3DhVJcS%3DAJsnHc7u7IlJcV(Ac%3DhMhhh%2ChVni%3DvlS_qiHmbjqnHAUpvPJ1CVHTT%3DhV(nniRA%3D*%2C*V(w%3DzV(iJ7JS%3D*h*uzhhKzNV(ASE%3DhMhhh%2ChVR(27T%3DzMhkVE2*(7R(27T%3DhVR(272%3DzhVJ2E%3Du*MKzV)wAc%3D6zVTT%3DzbKVo(iP%3DhM*BVE2*(7R(27qw%3Dh1hViJn7w%3DzK%2C*%2Ch%2Czh%2Ch%2Ch%2Ch%2ChVTP%3DzViJn7S%3DNBhV(qo%3Dh%2ChVAui7T%3DBMUk%2CKhMz*VJS%3DhVRnS%3Duubkn_ZtZkIS5qk)5rVwE2*(7T%3D*MzVTcS%3D**UhbhKbkKzKKKh*zUUkzhkhzhkUNhUU*NhNNhbhKN**BzKbuhhBbBzhuuUhb*zNuBbzNbNKbNhzhkNKzBbzzhuzk*hz*BuUkKuhB*kVRnP%3DhV(qc%3DhMhhh%2ChVl)S*i7T%3DhMbkVJJ%3DfyVww%3DD8VqT7S2%3Dm%2FAVRns%3D6zVwo%3DhV(wE%3DUuMzKVXL%3Duh*zVqT7Rw%3DzVmcJ%3D*VqT7R2%3DYIVqT7wwqJ%3DhVwc%3DcAPiAVTJJ75~O%3Dfy%2CfyVTAJnJ*%3DzbKVTAJnJz%3DzbKVqT7cc%3DhVSw%3DkVE2*(7T%3DBMUkVcc%3DNBhVR2P7i%3DhMhKzVEs7oaw%3DhMb*VEnJ7JS%3DzBkVR(27(iJ7T%3DKMKUVSw*%3DzVE7AJm%3DbhhbV2AJc%3DVwEl)%3D*MzVEnJ7R(27T%3DhMBBVE2*(7n7JS%3D*h*uzhhKzhVEnJ7R(272%3DhVoc%3DzBVE2*(7n7T%3DhMhuVEnJ7T%3DNN*Mz*VE2*(7R(27En%3Dz16zKVR(27cEn%3DhVEE%3DhVwE2*(7JS%3DzBUV(HE%3DUuMzKV2*(7T%3DzhhhV(ASi%3DhMhhh%2ChVJnS%3DUkzbNNb*BVR(27(iJ7qw%3DhVqT7J(w%3DqTTVEsR%3DhMb*VS*i72%3DzhVwE2*%3D*MzVuiwH%3DzhhhVl)7PJI%3DhMhbVSPP7Jc()%3DIA(PlmjVS*i7T%3DzV(iJ7T%3DKhMz*VR(27J(iJ7T%3DKMKUV(qsi%3DhMhhh%2ChV(qsS%3DhMhhh%2ChVnJgoH%3DhVnJnH%3DhVR(27(iw7T%3DhVTnS%3DhM*BVqT7ic%3D_lPoiA)oVR(27(iJ7(E%3DhVwTSi%3DhMhkhVncjio7nS%3DzNVJo22o(7cA)7nS%3DAJsnHc7u7IlJcVJRii2j7cA)7nS%3DVSocowcoS7cA)7nS%3DAJsnHc7u7IlJcVEnosATn2ncj%3DhMb*VilJ%3DzVAw7cjio%3DzVAST2q%3Dzkz**NzkhuVAPi%3DzVl)TnS%3DhM*BhVTH2(%3DhMhzhVJRnS%3DVScw%3DsoJc7l(VSPP7o(iP%3DHA2JoVSPP%3DIA(PlmjVTSiwAiS%3DhVSA2)%3DRmnJlm*KVJlTi%3DVanS%3DyWF6iRT6NhbzBbNubbzUBNkhVIcP2%3DzVAS7ilJ%3D%7B%22c%22%3Az%2C%22i%22%3AU%7DVSwRc%3DNhVSl)T%3Dh6zVowi7RJoS%3DTo2ls7d*BVowi7i*B%3DhMBbkzBNzuNBhKhbBuVowi7iBh%3DzMBhUuBbzNUBbUuNBKVowi7iKh%3D*MhNzhu*KhUU*hkhzVowi7iNh%3DuMzUNbKKhK*hNK*bkVowi7iNB%3DuMbzNK*hBUBNKhukUuVowi7ikh%3DBMz**ukNk*NUhbhBuVowi7ikB%3DKMNuKzBBNhkhzuKKbVowi7ibh%3DbMkNUkNuhzb*UbKB*Vowi7ibB%3DzkMKBbb*bhN*b*ukzKVowi7ibb%3DKzMBkNUu*BuzBKNkBKVnTw%3DzVmJY%3D*Vc)J%3Dz*haKhh%7CzKhaKhhVTJT%3DhVTJi%3DhVcPa%3D*h*&mcE=h&PPP=RFlJfHLWd1q%3D&ns=h&nmLH(=z&TS(LS=UKh&PwH=u*zU&jSJi(=z&TAo=-UAUUfd-Y%2F&qAci(o=z&qAcTnS=6zh*&wASlPAnm=cYg6IZw26Z6_8IfU*6RRHSmB4FI*nXhfKdSu*jUL8wx94_x7qjxlY)%3D%3D&nJnS=B&ASE=LmEoJcl(%20.lwRJ&i)nS=izKhhUBk**uc*h*uzhhNh*Bb&JJ2S=%7B%22JJni%22%3A%22*hhz%3AhBBh%3AzShB%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22JJww%22%3A%22D8%22%2C%22JJJw%22%3A%22.Z%22%2C%22JJwcj%22%3A%22cAPiA%22%7D&IcP2J(w=z&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.148.27 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-148-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

8dcbdb2111b8df88af19256bc5ff00f89cbdfe5dc0c3590b1d3ec9a8d5ccc413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30747
content-type: text/html
date: Sat, 07 Oct 2023 02:59:15 GMT
expires: Sat, 07 Oct 2023 02:59:15 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-w837

GET
H2 200 bping.php
lg3.media.net/ Frame 2A4E 35 B
176 B 145ms
124ms Image
image/gif 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2731&&vgd_cdv=1086&vgd_cage=7&vgd_tsce=L279&vgd_mcf=3214&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=481977925&vi=1696647555181136794&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785153&r=1696647555161&rrr=tzR-hLcl-L8FHLDxG6oe4F8U4xXb-oZ3&requrl=https%3A%2F%2Fa.sdmtkj.net%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fX~OmYMGv9.Fi~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAu99Fu9~8xLjMGvifH.Ai~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MAMwmQ7~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~L88Ex1vf%2Cf~LNvu~LEQMQOvf9fAu99Fuh~L1Oev9.999%2C9~xLjMGvu.9W~ejfLMxLjMGv9~xLjMjvu9~QjevAf.Fu~yN17vou~GGvuiF~JLEYv9.fX~ejfLMxLjMUNv949~EQ8MNvuF%2Cf%2C9%2Cu9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvhX9~LUJv9%2C9~1AEMGvX.HW%2CF9.uf~QOv9~x8OvAAiW8qT6TWwOCUWyCg~NejfLMGvf.u~G7OvffH9i9FiWFuFFF9fuHHWu9W9u9WHh9HHfh9hh9i9FhffXuFiA99XiXu9AAH9ifuhAXiuhihFih9u9WhFuXiuu9AuWf9ufXAHWFA9XfW~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHA.uF~%3DVvA9fu~UGMxNvu~z7Qvf~UGMxjvlw~UGMNNUQv9~N7v71YE1~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~ONvW~ejfLMGvX.HW~77vhX9~xjYMEv9.9Fu~eBMJ-Nv9.if~e8QMQOvuXW~xLjMLEQMGvF.FH~ONfvu~eM1Qzvi99i~j1Q7v~Nemyvf.u~e8QMxLjMGv9.XX~ejfLM8MQOvf9fAu99Fu9~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9A~e8QMGvhhf.uf~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvuXH~LkevHA.uF~jfLMGvu999~L1OEv9.999%2C9~Q8OvHWuihhifX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.u~AENkvu999~myMYQwv9.9i~OYYMQ7Lyvw1LYmz5~OfEMGvu~LEQMGvF9.uf~xLjMQLEQMGvF.FH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fX~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9W9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.if~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.fX9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoh9iuXihAiiuHXhW9~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOvGJjmBM%20fX~JNEMEfXv9.XiWuXhuAhX9F9iXA~JNEMEX9vu.X9HAXiuhHXiHAhXF~JNEMEF9vf.9hu9AfF9HHf9W9u~JNEMEh9vA.uHhiFF9Ff9hFfiW~JNEMEhXvA.iuhFf9XHXhF9AWHA~JNEMEW9vX.uffAWhWfhH9i9XA~JNEMEWXvF.hAFuXXh9W9uAFFi~JNEMEi9vi.WhHWhA9uifHiFXf~JNEMEiXvuW.FXiifi9hfifAWuF~JNEMEiivFu.XWhHAfXAuXFhWXF~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vf9f&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%2271YE1%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1696647555162272013&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p1600458223t202310070259&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001696647555155006462152405544&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 07 Oct 2023 02:59:15 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame A7D7 26 KB
10 KB 88ms
87ms Document
text/html 23.212.148.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.148.27 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-148-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

14f30c121282852c590c3f9b565639380a341aafb05abb443288ccaf84e97fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9541
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 02:59:15 GMT
expires: Mon, 09 Oct 2023 02:59:15 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 2A4E 35 B
191 B 106ms
95ms Image
image/gif 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=5983&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=8WXdwvOFJWTFD7RxBK3I4Q&vid=8WXdwvOFJWTFD7RxBK3I4Q&dn=a.sdmtkj.net&rawDn=a.sdmtkj.net&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Fa.sdmtkj.net&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=tampa&zip=33609&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-ebda-68d9949d99-ff2kv.OR&dtc=west_or&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=202&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm6iEYCIomukuexPhwXPvdBPrhWZYd11rztnxZvpXjDDQtUSf8hcsv-srupBe4dYjQPc&pexid=ADX-pub-7091597399145780&geoll=false&is_ortb=false&s_ip=172.217.46.229&s_city=dallesport&commit_id=ffd86d85&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-10-06+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&rtttime=106&req_tid_present=false&pvid=460&prvAccId=481977925&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=51974391944798_1195964081_1162110914601&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.250&bid_uuid=a8d55e762f2f9a8ebf9c38d37dc54f5b&cbdp=0.080&og_cbdp=0.250&ogbdp=0.25&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.080&dsrc=-2&dp=0&dbf=1&epc=481977925&s=1&snm=SUCCESS&pcrid=8CU7Q771E-481977925-40-16&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=92&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Ckbb_se%3D0%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1696647553939&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.25&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_3_host&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=202&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_page_url=a.sdmtkj.net&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=17c311075b&mx_exp_tokens%3C%3E=Dummy%3Atest-1%23%23Mcid%3Atoken_1%23%23Dummy_2%3Atest-1&acid=bd0d4dbfa820e92a224273ed5c092717&rtime=24.0&wsip=mowx-776f4555d6-pbc8b&ltime=33.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=1812271803&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=bd0d4dbfa820e92a224273ed5c092717_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_3_host&feedback_id=8WXdwvOFJWTFD7RxBK3I4Q&supplyTagId=1812271803&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-10-07+02%3A59%3A13&__expireat=1696648154209&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.250&lo_cbdp=0.080&actltime=35&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.25~dom_b%3D0.69~scd%3Dfl~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2023100610~iurl_b%3D924.39~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_3_host~rat%3D0.000%2C0~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~riipua%3D2%2C2~rc%3D1~rps_sd%3D2023100617~radv%3D0.000%2C0~url_b%3D1.08~vl2r_url_b%3D0~url_l%3D10~slv%3D32.61~gcat%3D-1~bb%3D196~erpm%3D0.25~vl2r_url_kc%3D0E0~psi_c%3D16%2C2%2C0%2C10%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D750~rke%3D0%2C0~a3p_b%3D5.48%2C60.12~sd%3D0~uid%3D3398iHLJL8hdKk8gKQ~cvl2r_b%3D2.1~btd%3D2240906986166602144810801084704427077090672251693005951033409217359179769701087615911031820125348630528~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dn%2Fa~uiw%3D-1~ce%3D0~rcv%3D43.16~CI%3D3021~kb_uc%3D1~nts%3D2~kb_ul%3Dzh~kb_ccks%3D0~ct%3Dtampa~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~kb_tt%3D0~dc%3D8~vl2r_b%3D5.48~tt%3D750~ulm_p%3D0.061~vw_exc%3D0.92~vis_sd%3D158~url_rps_b%3D6.64~dc2%3D1~v_asn%3D9009~last%3D~cvog%3D2.1~vis_url_b%3D0.55~vl2r_i_sd%3D2023100610~vis_url_l%3D0~et%3D15~vl2r_i_b%3D0.03~vis_b%3D772.12~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D154~rfv%3D43.16~l2r_b%3D1000~radp%3D0.000%2C0~sid%3D481977925~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.92~d2p_l%3D10~cvl2%3D2.1~3pcf%3D1000~og_msh%3D0.09~dmm_strg%3Dharmony~d2p_b%3D1~rps_b%3D60.12~url_srps_b%3D6.64~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.25~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.080%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_3_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_3_host%7Eviewability%3D0.92%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271803%7Eamp%3D1%7Eogbid%3D0.250%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Esobp%3D%7Exid%3DADX-pub-7091597399145780%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edcut%3D70%7Edogb%3D0-1%7Eecp_used%3Dbelow_q25%7Eecp_p25%3D0.5981571375060953%7Eecp_p50%3D1.5043591745943756%7Eecp_p60%3D2.071032604420801%7Eecp_p70%3D3.147966062076298%7Eecp_p75%3D3.9176205457603843%7Eecp_p80%3D5.122387827409053%7Eecp_p85%3D6.736155708013669%7Eecp_p90%3D9.874873019249652%7Eecp_p95%3D18.659929072923816%7Eecp_p99%3D61.587432531567856~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D202&utime=1223&sf=0&cpr=0.43151321694066413

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4B2B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcVvBgckgZb3SLv6a2OMP6L2YwAak9MWzc_HR5vWyEfLs0uCyARABIL7NwAhgyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoE3wFP0JQ0nsa1vpNGJ_i01tscSmNMLc6Z5jabqoJNEMhd4Zz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220x919bf5...

0
0

236ms
123ms

Fetch
text/css

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220x919bf5c4a507a2480000000000000000%22,%224%22:%220xd98087ec7082604c0000000000000000%22,%225%22:%220x6aa4902334c88ca60000000000000000%22},%22debug_key%22:%2213295231937410771464%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22752647243%22],%224%22:[%2210-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223466854974810681889%22}&andc=true

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xee05435e7c03d0720000000000000000","2":"0x6b192c11a077eaeb0000000000000000","3":"0x919bf5c4a507a2480000000000000000","4":"0xd98087ec7082604c0000000000000000","5":"0x6aa4902334c88ca60000000000000000"},"debug_key":"13295231937410771464","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["752647243"],"4":["10-07"],"6":["true"]},"priority":"500","source_event_id":"3466854974810681889"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 07 Oct 2023 02:59:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Oct 2023 02:59:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xee05435e7c03d0720000000000000000","2":"0x6b192c11a077eaeb0000000000000000","3":"0x919bf5c4a507a2480000000000000000","4":"0xd98087ec7082604c0000000000000000","5":"0x6aa4902334c88ca60000000000000000"},"debug_key":"13295231937410771464","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["752647243"],"4":["10-07"],"6":["true"]},"priority":"500","source_event_id":"3466854974810681889"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41F3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3787b594bcfa27a17783d1e92326e3ca29e2eac2a944d52935787a19c5f31e2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame A7D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzM5NjQ5MTU1MTUyNDAwOTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKhL4zX8U_2fdaxesKZotik&google_cver=1

53 B
444 B

202ms
190ms

Image
image/gif

23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKhL4zX8U_2fdaxesKZotik&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-174-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:15 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 07 Oct 2023 02:59:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEKhL4zX8U_2fdaxesKZotik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3358 37 KB
14 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 23:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 23:32:34 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 230ms
114ms Preflight
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 02:59:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame E970 37 KB
14 KB 67ms
67ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 23:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 23:32:34 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 41F3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw7wHgckgZbzSLv6a2OMP6L2YwAaj7afdcOG85_WyEdKwz9KUDhABIL7NwAhgyYaAgNyjxBCgAcv48eYCyAECqAMByAPJBKoE4QFP0EQb-kNQy3AAFMUA2ttoFdcfNq_ROHI0QQIWwUf0JLy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220xe4bd4c...

0
0

179ms
122ms

Fetch
text/css

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220xe4bd4c4187addf300000000000000000%22,%224%22:%220xd6601f57e8e222360000000000000000%22,%225%22:%220x6aa4902334c88ca60000000000000000%22},%22debug_key%22:%227313142138281937027%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22752647243%22],%224%22:[%2210-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223983832905649608433%22}&andc=true

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 02:59:15 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xee05435e7c03d0720000000000000000","2":"0x6b192c11a077eaeb0000000000000000","3":"0xe4bd4c4187addf300000000000000000","4":"0xd6601f57e8e222360000000000000000","5":"0x6aa4902334c88ca60000000000000000"},"debug_key":"7313142138281937027","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["752647243"],"4":["10-07"],"6":["true"]},"priority":"500","source_event_id":"3983832905649608433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 07 Oct 2023 02:59:15 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Oct 2023 02:59:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xee05435e7c03d0720000000000000000","2":"0x6b192c11a077eaeb0000000000000000","3":"0xe4bd4c4187addf300000000000000000","4":"0xd6601f57e8e222360000000000000000","5":"0x6aa4902334c88ca60000000000000000"},"debug_key":"7313142138281937027","debug_reporting":true,"destination":"https://capitaloneshopping.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["752647243"],"4":["10-07"],"6":["true"]},"priority":"500","source_event_id":"3983832905649608433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js Show response
pagead2.googlesyndication.com/bg/ Frame E0F2 37 KB
14 KB 58ms
56ms Script
text/javascript 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/17MduF4b-1jBNLlm7tOdf7Y0xxmC-v9YXeZb_9D--DE.js

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 23:32:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 23:32:34 GMT

GET
H2 200 bql.php Show response
akl-navvy.media.net/ Frame DC16 15 B
297 B 120ms
46ms Script
text/javascript 34.160.55.127
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://akl-navvy.media.net/bql.php?vgd_len=7201&&vgd_canary=0&vgd_l2type=scs_newfl&fp=hbuPLJQ1_KAdbtphfMRUubNor0hqAJ1cg-9mg-D9i3oXY3cUYKm1J72drhNKmOTHx7VqLtxrFTyfbRrlwaWwcZRiyW5ZGMhkIfgMWByv7wcfKV9G5DFm68G-qIDa2Da5hwe_ZHPZUFo%3D&cme=KR6HHT3NCc3BDq8a33FXB6jYieJ1CM8Tt27T7bhMirmv_G9LO7rRoP8Dm0_QvJKjtoxhUcVzTly_aXxXbVdxNvnI9Y6THPW6tf-TyhezC_usIz82I1KjqFSdXXRW4BPNEwXvpcVBzqCL1v3GmJmUA9YJRCS40fwIII5sijysazMUsT4qPaZPBBIWxgLnpE1SyjzaOYgAYw61i0MPFxIhUGCIjCUGWg2GoI9V95eUc2s%3D%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4EUSwVv2AGMOec24ag4STOnev5VBzp-9M%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CQPGPw8_VMagf2DTSYcoc95lzGuZRVIn4R0PT-zmiZUsvvcrXDYRx4NAAxwd6VWa0b1o7n5V8vUTPrCeDoT5yw-Slf2WvBHlKvap4AHQy49WgaVJhShQJaVqmd81ICtSIAUzkWLJSIfJOk9FIpFgeGPI61XrAKwmhranW0f-sBEsdITH2P4vcOx3G_iTNlx03gO79Mhi7AvJPr9qoZqxbTNMlYI9KYqzn3dgmBMFugWDEnrM-Qg9ywTqBarIcmt1YhS6ywAOotiQ7kNpa_UAA63EcSlv-nS0f%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Top+5+Medicare+Advantage+Plans&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=1&kid[]=329961779&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0003%7C8%3D100617%7C13%3D0.1646%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D3.11%7C12%3D8.76%7C60%3D1.11%7C80%3D8.92%7C1%3D6.84%7C2%3D13.72&ktd[]=4503874522452224&kwd[]=Top+5+Medicare+Supplement+Plans&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=2&kid[]=329864503&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0002%7C8%3D100617%7C13%3D0.2191%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D2.74%7C12%3D5.20%7C60%3D0.93%7C80%3D4.11%7C1%3D4.24%7C2%3D8.99&ktd[]=274895081728&kwd[]=Best+Mattresses+by+Consumer+Reports&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=3&kid[]=329937476&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0002%7C8%3D100617%7C13%3D0.1930%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D13.09%7C12%3D1.12%7C60%3D1.72%7C80%3D2.18%7C1%3D10.14%7C2%3D20.96&ktd[]=274895081728&kwd[]=How+to+Lower+Blood+Pressure+Quickly&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=4&kid[]=98521951&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0004%7C8%3D100617%7C13%3D0.0890%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D0.76%7C12%3D0.86%7C60%3D0.34%7C80%3D1.76%7C1%3D0.73%7C2%3D2.31&ktd[]=274911858944&kwd[]=Top+5+High+Yield+Bond+Funds&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=5&kid[]=329829026&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0004%7C8%3D100617%7C13%3D0.0900%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D0.66%7C12%3D2.12%7C60%3D1.28%7C80%3D0.76%7C1%3D1.37%7C2%3D5.39&ktd[]=4503874522452224&kwd[]=Symptoms+of+Congestive+Heart+Failure&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=6&kid[]=27614750&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0003%7C8%3D100617%7C13%3D0.1203%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D0.94%7C12%3D4.86%7C60%3D0.69%7C80%3D1.43%7C1%3D2.76%7C2%3D7.60&ktd[]=274911858944&kwd[]=Emergency+Money+Assistance&kwt[]=475&kbc[]=999fc0acbb9a6c8ae088842a370c5b0f.d2s&kwp[]=7&kid[]=312650877&kbc2[]=eset%3D1%7Ce_st%3D16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0002%7C8%3D100617%7C13%3D0.1223%7C14%3D100623%7Cokt%3D475%7Cbkt%3D475%7Cps%3D0.919%7C53%3D0.52%7C12%3D1.00%7C60%3D0.50%7C80%3D1.16%7C1%3D0.75%7C2%3D4.29&ktd[]=4503874539229440&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774616&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%2271YE1%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU7Q771E&vi=1696647555181136794&vsid=3396491551524030&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L279-S279&vgd_imdtl=1&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=18231&vgd_nrrmf=1000ca0a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1696647555155&upk=1696647555.24176&hvsid=00001696647555155006462152405544&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1696647555162272013&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D9009&vgd_mcf=3214&vgd_vstrid=3396491551524030&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fX~OmYMGv9.Fi~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAu99Fu9~8xLjMGvifH.Ai~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MAMwmQ7~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~L88Ex1vf%2Cf~LNvu~LEQMQOvf9fAu99Fuh~L1Oev9.999%2C9~xLjMGvu.9W~ejfLMxLjMGv9~xLjMjvu9~QjevAf.Fu~yN17vou~GGvuiF~JLEYv9.fX~ejfLMxLjMUNv949~EQ8MNvuF%2Cf%2C9%2Cu9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvhX9~LUJv9%2C9~1AEMGvX.HW%2CF9.uf~QOv9~x8OvAAiW8qT6TWwOCUWyCg~NejfLMGvf.u~G7OvffH9i9FiWFuFFF9fuHHWu9W9u9WHh9HHfh9hh9i9FhffXuFiA99XiXu9AAH9ifuhAXiuhihFih9u9WhFuXiuu9AuWf9ufXAHWFA9XfW~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHA.uF~%3DVvA9fu~UGMxNvu~z7Qvf~UGMxjvlw~UGMNNUQv9~N7v71YE1~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~ONvW~ejfLMGvX.HW~77vhX9~xjYMEv9.9Fu~eBMJ-Nv9.if~e8QMQOvuXW~xLjMLEQMGvF.FH~ONfvu~eM1Qzvi99i~j1Q7v~Nemyvf.u~e8QMxLjMGv9.XX~ejfLM8MQOvf9fAu99Fu9~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9A~e8QMGvhhf.uf~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvuXH~LkevHA.uF~jfLMGvu999~L1OEv9.999%2C9~Q8OvHWuihhifX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.u~AENkvu999~myMYQwv9.9i~OYYMQ7Lyvw1LYmz5~OfEMGvu~LEQMGvF9.uf~xLjMQLEQMGvF.FH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fX~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9W9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.if~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.fX9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoh9iuXihAiiuHXhW9~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOvGJjmBM%20fX~JNEMEfXv9.XiWuXhuAhX9F9iXA~JNEMEX9vu.X9HAXiuhHXiHAhXF~JNEMEF9vf.9hu9AfF9HHf9W9u~JNEMEh9vA.uHhiFF9Ff9hFfiW~JNEMEhXvA.iuhFf9XHXhF9AWHA~JNEMEW9vX.uffAWhWfhH9i9XA~JNEMEWXvF.hAFuXXh9W9uAFFi~JNEMEi9vi.WhHWhA9uifHiFXf~JNEMEiXvuW.FXiifi9hfifAWuF~JNEMEiivFu.XWhHAfXAuXFhWXF~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vf9f&vgd_bhv_kbb=1&vgd_cfud=230323&vgd_scsver=195&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1086&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001696647555155006462152405544&rc=0&rand=1696647555447&acid=bd0d4dbfa820e92a224273ed5c092717&matm=1696647555447&vgd_ltimesrc=1&vgd_ltime=624&vgd_rtime=622&vgd_etm=10&vgd_l1hcsd=Scnr1%7C6585&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=1310&vgd_pgid=p1600458223t202310070259&vgd_csip=rtb-ebda-68d9949d99-ff2kv.OR&vgd_sbSup=1&vgd_nrrs=18231&vgd_cdv=1086&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2950&&kkdd=nW%7C3%7CAHn9*&En=zKbKKUNBBBzkzzuKNbU&)Si(=h&PJiA=h&wSE=zhkK&cJwo=Z*Nb&wnS=kXDNrNNz1&wiwS=rwd)la-R7t1-jz776((tws%3D%3D&w(nS=UkzbNNb*B&JnYo=zKhaKhh&ww=D8&Jw=.Z&wImP=_ygC4fv&inS=kp4KNgvu8&cinS=~z1uKKk&IcciJ=z&(((=cYg6IZw26Zk._ZWaQKloU.kDUaFT6l0u&mJo=B&2s=z&R)S=U&AScz=kXDDbt.k_&ASc*=zzK*zzhbz&TSAcA=JS*%3DmR22VnR(272%3DzhVl)o(iP%3DhM*BVSlP7T%3DhMKbVJwS%3DH2V(Ao%3Dh%2ChVSlP72%3D*hVE2*(7JS%3D*h*uzhhKzhVnR(27T%3Db*UMubVR(27cqw%3DhVR(27(*A7T%3DhVJcS%3DAJsnHc7u7IlJcV(Ac%3DhMhhh%2ChVni%3DvlS_qiHmbjqnHAUpvPJ1CVHTT%3DhV(nniRA%3D*%2C*V(w%3DzV(iJ7JS%3D*h*uzhhKzNV(ASE%3DhMhhh%2ChVR(27T%3DzMhkVE2*(7R(27T%3DhVR(272%3DzhVJ2E%3Du*MKzV)wAc%3D6zVTT%3DzbKVo(iP%3DhM*BVE2*(7R(27qw%3Dh1hViJn7w%3DzK%2C*%2Ch%2Czh%2Ch%2Ch%2Ch%2ChVTP%3DzViJn7S%3DNBhV(qo%3Dh%2ChVAui7T%3DBMUk%2CKhMz*VJS%3DhVRnS%3Duubkn_ZtZkIS5qk)5rVwE2*(7T%3D*MzVTcS%3D**UhbhKbkKzKKKh*zUUkzhkhzhkUNhUU*NhNNhbhKN**BzKbuhhBbBzhuuUhb*zNuBbzNbNKbNhzhkNKzBbzzhuzk*hz*BuUkKuhB*kVRnP%3DhV(qc%3DhMhhh%2ChVl)S*i7T%3DhMbkVJJ%3DfyVww%3DD8VqT7S2%3Dm%2FAVRns%3D6zVwo%3DhV(wE%3DUuMzKVXL%3Duh*zVqT7Rw%3DzVmcJ%3D*VqT7R2%3DYIVqT7wwqJ%3DhVwc%3DcAPiAVTJJ75~O%3Dfy%2CfyVTAJnJ*%3DzbKVTAJnJz%3DzbKVqT7cc%3DhVSw%3DkVE2*(7T%3DBMUkVcc%3DNBhVR2P7i%3DhMhKzVEs7oaw%3DhMb*VEnJ7JS%3DzBkVR(27(iJ7T%3DKMKUVSw*%3DzVE7AJm%3DbhhbV2AJc%3DVwEl)%3D*MzVEnJ7R(27T%3DhMBBVE2*(7n7JS%3D*h*uzhhKzhVEnJ7R(272%3DhVoc%3DzBVE2*(7n7T%3DhMhuVEnJ7T%3DNN*Mz*VE2*(7R(27En%3Dz16zKVR(27cEn%3DhVEE%3DhVwE2*(7JS%3DzBUV(HE%3DUuMzKV2*(7T%3DzhhhV(ASi%3DhMhhh%2ChVJnS%3DUkzbNNb*BVR(27(iJ7qw%3DhVqT7J(w%3DqTTVEsR%3DhMb*VS*i72%3DzhVwE2*%3D*MzVuiwH%3DzhhhVl)7PJI%3DhMhbVSPP7Jc()%3DIA(PlmjVS*i7T%3DzV(iJ7T%3DKhMz*VR(27J(iJ7T%3DKMKUV(qsi%3DhMhhh%2ChV(qsS%3DhMhhh%2ChVnJgoH%3DhVnJnH%3DhVR(27(iw7T%3DhVTnS%3DhM*BVqT7ic%3D_lPoiA)oVR(27(iJ7(E%3DhVwTSi%3DhMhkhVncjio7nS%3DzNVJo22o(7cA)7nS%3DAJsnHc7u7IlJcVJRii2j7cA)7nS%3DVSocowcoS7cA)7nS%3DAJsnHc7u7IlJcVEnosATn2ncj%3DhMb*VilJ%3DzVAw7cjio%3DzVAST2q%3Dzkz**NzkhuVAPi%3DzVl)TnS%3DhM*BhVTH2(%3DhMhzhVJRnS%3DVScw%3DsoJc7l(VSPP7o(iP%3DHA2JoVSPP%3DIA(PlmjVTSiwAiS%3DhVSA2)%3DRmnJlm*KVJlTi%3DVanS%3DyWF6iRT6NhbzBbNubbzUBNkhVIcP2%3DzVAS7ilJ%3D%7B%22c%22%3Az%2C%22i%22%3AU%7DVSwRc%3DNhVSl)T%3Dh6zVowi7RJoS%3DTo2ls7d*BVowi7i*B%3DhMBbkzBNzuNBhKhbBuVowi7iBh%3DzMBhUuBbzNUBbUuNBKVowi7iKh%3D*MhNzhu*KhUU*hkhzVowi7iNh%3DuMzUNbKKhK*hNK*bkVowi7iNB%3DuMbzNK*hBUBNKhukUuVowi7ikh%3DBMz**ukNk*NUhbhBuVowi7ikB%3DKMNuKzBBNhkhzuKKbVowi7ibh%3DbMkNUkNuhzb*UbKB*Vowi7ibB%3DzkMKBbb*bhN*b*ukzKVowi7ibb%3DKzMBkNUu*BuzBKNkBKVnTw%3DzVmJY%3D*Vc)J%3Dz*haKhh%7CzKhaKhhVTJT%3DhVTJi%3DhVcPa%3D*h*&mcE=h&PPP=RFlJfHLWd1q%3D&ns=h&nmLH(=z&TS(LS=UKh&PwH=u*zU&jSJi(=z&TAo=-UAUUfd-Y%2F&qAci(o=z&qAcTnS=6zh*&wASlPAnm=cYg6IZw26Z6_8IfU*6RRHSmB4FI*nXhfKdSu*jUL8wx94_x7qjxlY)%3D%3D&nJnS=B&ASE=LmEoJcl(%20.lwRJ&i)nS=izKhhUBk**uc*h*uzhhNh*Bb&JJ2S=%7B%22JJni%22%3A%22*hhz%3AhBBh%3AzShB%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22JJww%22%3A%22D8%22%2C%22JJJw%22%3A%22.Z%22%2C%22JJwcj%22%3A%22cAPiA%22%7D&IcP2J(w=z&ure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.55.127 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

127.55.160.34.bc.googleusercontent.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:15 GMT
via: 1.1 google
strict-transport-security: max-age=63072000
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Mon, 02 Oct 2023 21:49:01 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 114ms
113ms Preflight
text/html 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xee05435e7c03d0720000000000000000%22,%222%22:%220x6b192c11a077eaeb0000000000000000%22,%223%22:%220xe4bd4c4187addf300000000000000000%22,%224%22:%220xd6601f57e8e222360000000000000000%22,%225%22:%220x6aa4902334c88ca60000000000000000%22},%22debug_key%22:%227313142138281937027%22,%22debug_reporting%22:true,%22destination%22:%22https://capitaloneshopping.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22752647243%22],%224%22:[%2210-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223983832905649608433%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 Oct 2023 02:59:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A4E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60595c09eca0b8570415deb52f7782579f4e3d1fe2579b530af7a58a6a74f38f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A4E 0
19 B 126ms
124ms Image
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWetKgckgZbvSLv6a2OMP6L2YwAa-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTcwOTE1OTczOTkxNDU3ODDIAQmoAwHIAwKqBNABT9AmGSDoIFKJNZfyD7LUneTwWUFzuM4-qgkhuUbCq14blk3U24q0gkB_yf1u5PVNUoCkKFiBZGl6qHeVoqjIn-zBgWQ0sR_5ybEzrvtOvbDizZbxfCciiWtqMu2teokWz0JzlMMuqHoqZnGTIumlCRs5dkd5dpqt8FN_6jO4Jl4XPo9bt-LHVcv6mHNgFGFaf6E3_oQcC4kQ_6ORgYjl0cCe6IRhgWe5MQLYfUZFYP1Jl26Or7DAx4YKcNBXyM1SfAADdl2GKnQ19tjzp6rf2IAGqp-L6Ym07tDGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzA5MTU5NzM5OTE0NTc4MBgA&sigh=KthcNMKQgmU&uach_m=[UACH]&cid=CAQSTADICaaNmbML3oyR_VRqB0uMaWsYhT1rujBTcyf27oBgm-akiTd8gPccyBqL7XhLch_UaxeOPJC0CYB6gemXLBDT-wjGth2ZKrLHnu0YAQ&cbvp=2&vis=1

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 07 Oct 2023 02:59:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame 2A4E 35 B
191 B 68ms
66ms Image
image/gif 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjUxOTc0MzkxOTQ0Nzk4XzExOTU5NjQwODFfMTE2MjExMDkxNDYwMUBiZDBkNGRiZmE4MjBlOTJhMjI0MjczZWQ1YzA5MjcxN5gHAAAAAAAA0D8oaHR0cHM6Ly9hLnNkbXRrai5uZXQEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNhhhLnNkbXRrai5uZXQSOENVVTlKRjhICA4xNjB4NjAwCjAuMDgwDndlc3Rfb3IGQURYCAhudXJsAAAAAAAAAFdApo6ZgeFiAjEAAAAAAADwvzhydGItZWJkYS02OGQ5OTQ5ZDk5LWZmMmt2Lk9SPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACEGZmZDg2ZDg1AmIC&cbvp=2

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:15 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 2A4E 35 B
296 B 191ms
58ms Image
image/gif 104.117.182.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=bd0d4dbfa820e92a224273ed5c092717&algo=unison26&bdp=0.2500&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=116211091&ct=tampa&dc=west_or&dfpbd=0.0800&dn=a.sdmtkj.net&iwb=1&ogcbdp=0.2500&other_bids=0.25&other_prv=460&pbshr=100.0000&prdp=0.0800&requrl=a.sdmtkj.net%2F&sat=1&sc=FL&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=16778729&ugd=4&ver=9.6.2&cliIP=0&time_stamp=2023-10-07%2002%3A59%3A13&seat=BID_API&itype=adx&req_id=8WXdwvOFJWTFD7RxBK3I4Q&dfp_bucket=0.0&level_base=0&bdp_bucket=0.25&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F117.0.5938.149%20Safari%2F537.36&br_ver=117.0.5938.149&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_1-cid_0&ogerpm=0.2500&ogerpm_used=false&rawbid=0.2500&totalTimeBucket=16&as_cache=1&sub_bidder=196&current_day=6.0&current_hour=2&cut=68&floor_bucket=0.00&model_version=202310061855_generic_adx_1-cid_0&erpm_bucket=0.25&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.9200&stid=aswift_3_host&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=62.7159&bdp_wider_bucket=1&adblk=1812271803&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=70&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-ebda-68d9949d99-ff2kv.OR&dmm_m1=2023-10-07%2002%3A59%3A13.954628150&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.2500&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=1.5043591745943756&ecp_p75=3.9176205457603843&ecp_avg=0.02&ecp_status=Success&ecp_used=below_q25&ecp_rtime=1726.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-776f4555d6-pbc8b&rel_cut_bkt=70&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.5981571375060953&ecp_p60=2.071032604420801&ecp_p70=3.147966062076298&ecp_p80=5.122387827409053&ecp_p85=6.736155708013669&ecp_p90=9.874873019249652&ecp_p95=18.659929072923816&ecp_p99=61.587432531567856&cbvp=2
Requested by: Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.182.8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Oct 2023 02:59:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 07 Oct 2023 02:59:15 GMT

GET
DATA 200
OK truncated
/ Frame DC16 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DC16 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DC16 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B2B 42 B
64 B 225ms
119ms Fetch
image/gif 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszinPQq2aNgrJ_QhZqNll7Fx7Dy2ZPAdGLzEY_-S8whESxrlki2JkZZqVCHl1nJcEsG_-OMMysASlcKPyCnBdggeT8l4YxLabPetTyu9EXcNhKf0t-8MTOs1OT5x1Iiz9-aYuwCv51xA&sai=AMfl-YQfRGOPqKWROqVCnt6vZc4cbTD07uspa_y1nYIpyKPWJCScD55lgaRm1fQC1MO_lL3ClTnYtCAzERn8vVt1qI1lwEnvcJd5I5mITvH-0A7_yxuD0a-O29QzpbOC0M9tdqualDeZyS_esjIqmA&sig=Cg0ArKJSzDe6opb1ym9_EAE&cid=CAQSTADICaaNmbML3oyR_VRqB0uMaWsYhT1rujBTcyf27oBgm-akiTd8gPccyBqL7XhLch_UaxeOPJC0CYB6gemXLBDT-wjGth2ZKrLHnu0YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=201,822,1000,1000,1000&tos=201,621,178,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696647554721&rpt=465&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41F3 42 B
64 B 119ms
118ms Fetch
image/gif 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBYYzL4ey_Ku5tagOxo-rXTC5-lEmucmlVHUbjg5xUSYeskNXusHgq4fgdJjDtIxsQYgx3FXkDviT2L2pC7q5aJCT3L3JhB8xjxSro3mACToQ-hz9EpBGezD3jkLgCE_KeSmGALrB63g&sai=AMfl-YR37tpqO2xBKCs8_nfPtG2APWpL79d4GJ99J-Ruy60ctG9YedkhRCdPAGsOdsnEnv29We2BV9J-bIiZ3xfh_LWSiG6DihE7VnrkmZe2ruZX-07YgprHsYQYWMqWtBiPXr4PcIdWHrLGFwznEg&sig=Cg0ArKJSzKifvbHhjnIWEAE&cid=CAQSTADICaaNmbML3oyR_VRqB0uMaWsYhT1rujBTcyf27oBgm-akiTd8gPccyBqL7XhLch_UaxeOPJC0CYB6gemXLBDT-wjGth2ZKrLHnu0YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696647554719&rpt=364&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame 2A4E 35 B
191 B 68ms
67ms Image
image/gif 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAYmQwZDRkYmZhODIwZTkyYTIyNDI3M2VkNWMwOTI3MTem9ulumAcEVVMYYS5zZG10a2oubmV0EjhDVVU5SkY4SBphc3dpZnRfM19ob3N0DjE2MHg2MDAOd2VzdF9vcgQyMwZBRFgSOFBSMTEzSkdDDkJJRF9BUEkAGmFzd2lmdF8zX2hvc3QCMDhydGItZWJkYS02OGQ5OTQ5ZDk5LWZmMmt2Lk9SPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACMAAiABBFWENIQU5HRQICYg&evttyp=1

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:16 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 07 Oct 2023 02:59:16 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame 2A4E 15 B
15 B 85ms
84ms Image
text/javascript 23.39.174.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2836&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_tsce=L279&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=1086&vgd_cage=7&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.fX~OmYMGv9.Fi~QNOvkj~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fAu99Fu9~8xLjMGvifH.Ai~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MAMwmQ7~L17v9.999%2C9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~L88Ex1vf%2Cf~LNvu~LEQMQOvf9fAu99Fuh~L1Oev9.999%2C9~xLjMGvu.9W~ejfLMxLjMGv9~xLjMjvu9~QjevAf.Fu~yN17vou~GGvuiF~JLEYv9.fX~ejfLMxLjMUNv949~EQ8MNvuF%2Cf%2C9%2Cu9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvhX9~LUJv9%2C9~1AEMGvX.HW%2CF9.uf~QOv9~x8OvAAiW8qT6TWwOCUWyCg~NejfLMGvf.u~G7OvffH9i9FiWFuFFF9fuHHWu9W9u9WHh9HHfh9hh9i9FhffXuFiA99XiXu9AAH9ifuhAXiuhihFih9u9WhFuXiuu9AuWf9ufXAHWFA9XfW~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvzS1~x8Bvou~NJv9~LNevHA.uF~%3DVvA9fu~UGMxNvu~z7Qvf~UGMxjvlw~UGMNNUQv9~N7v71YE1~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~UGM77v9~ONvW~ejfLMGvX.HW~77vhX9~xjYMEv9.9Fu~eBMJ-Nv9.if~e8QMQOvuXW~xLjMLEQMGvF.FH~ONfvu~eM1Qzvi99i~j1Q7v~Nemyvf.u~e8QMxLjMGv9.XX~ejfLM8MQOvf9fAu99Fu9~e8QMxLjMjv9~J7vuX~ejfLM8MGv9.9A~e8QMGvhhf.uf~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvuXH~LkevHA.uF~jfLMGvu999~L1OEv9.999%2C9~Q8OvHWuihhifX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.if~OfEMjvu9~Nejfvf.u~AENkvu999~myMYQwv9.9i~OYYMQ7Lyvw1LYmz5~OfEMGvu~LEQMGvF9.uf~xLjMQLEQMGvF.FH~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.fX~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9W9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.if~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.fX9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoh9iuXihAiiuHXhW9~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOvGJjmBM%20fX~JNEMEfXv9.XiWuXhuAhX9F9iXA~JNEMEX9vu.X9HAXiuhHXiHAhXF~JNEMEF9vf.9hu9AfF9HHf9W9u~JNEMEh9vA.uHhiFF9Ff9hFfiW~JNEMEhXvA.iuhFf9XHXhF9AWHA~JNEMEW9vX.uffAWhWfhH9i9XA~JNEMEWXvF.hAFuXXh9W9uAFFi~JNEMEi9vi.WhHWhA9uifHiFXf~JNEMEiXvuW.FXiifi9hfifAWuF~JNEMEiivFu.XWhHAfXAuXFhWXF~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vf9f&vgd_lbt=1000&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=481977925&rrr=tzR-hLcl-L8FHLDxG6oe4F8U4xXb-oZ3&requrl=https%3A%2F%2Fa.sdmtkj.net%2F&vi=1696647555181136794&ugd=4&cc=US&sc=FL&bdrid=460&subBdr=196&startTime=1696647555148&l1ch=1&l1hcsd=l1!Scnr1|6585&mmm=uXosNfIDqEk=&sttm=1696647555155&upk=1696647555.24176&hvsid=00001696647555155006462152405544&acid=bd0d4dbfa820e92a224273ed5c092717&verid=3111299&infr=1&twna=1&dma=528&stime=1696647554837&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1696647555162272013&vgd_sc=FL&vgd_ecrid=1700080807683300160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p1600458223t202310070259&vgd_pgids=1&vgd_end=2

Requested by

Host: a.sdmtkj.net
URL: https://a.sdmtkj.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.39.174.51 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-39-174-51.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Sat, 07 Oct 2023 02:59:16 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 07 Oct 2023 02:59:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A4E 42 B
64 B 140ms
139ms Fetch
image/gif 2607:f8b0:4004:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteHQIxGTYc9IMUq2dco3QhiUct7pUria6DbKGy2Wudo2blbjOIy4SZK0K1OUOWrvyjAhnj-UtBN2QNG5go47XmRc1z47mglR97Ne2u&sig=Cg0ArKJSzKyFZLfnq2ydEAE&id=lidar2&mcvt=1001&p=0,0,622,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696647554823&rpt=421&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 02:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: style.sdmtkj.net
URL: https://style.sdmtkj.net/stutimes/custom.js

Domain: style.sdmtkj.net
URL: https://style.sdmtkj.net/stutimes/hc-sticky.js

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sdmtkj.net/	1970-01-21 00:39:03	Name: __gads Value: ID=dc119153ab5b1598:T=1696647553:RT=1696647553:S=ALNI_MZGeS4Svu_dTR0bMkHbU8vnWOwbxg
.sdmtkj.net/	1970-01-21 00:39:03	Name: __gpi Value: UID=00000d97712ce1b0:T=1696647553:RT=1696647553:S=ALNI_MZkgUpxmzTm_BvZ4gd6YHthUuLsrw
.doubleclick.net/	1970-01-20 15:17:31	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:53:27	Name: IDE Value: AHWqTUnNkcOGaPUiSoi972CJsYd5hew5zJueq9YKeSegunfmmW0KG0kS9sGXvvc-uwU
.media.net/	1970-01-21 00:03:03	Name: visitor-id Value: 3396491551524030000V10
.media.net/	1970-01-20 15:37:37	Name: data-g Value: CAESEKhL4zX8U_2fdaxesKZotik~~6
.googleadservices.com/	1970-01-20 17:27:03	Name: ar_debug Value: 1
www.ad.siemens.com.cn/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity_adCORS Value: 4bbc6e7974ab8153b270d60f65b4db57

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sdmtkj.net
akl-navvy.media.net
cm.g.doubleclick.net
contextual.media.net
cravatar.cn
cs.media.net
d.yzh.li
fonts.googleapis.com
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
style.sdmtkj.net
tpc.googlesyndication.com
warp.media.net
www.ad.siemens.com.cn
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
style.sdmtkj.net
104.117.182.8
142.251.16.156
142.251.167.157
172.83.153.90
23.212.148.27
23.39.174.51
23.40.207.176
2606:4700:3031::6815:450f
2606:4700:3031::ac43:b6ef
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::93
34.160.55.127
40.73.71.59
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0b36888f2f506af18ebb9927b27d81f32aae76e3d546cf71144cd532a684b460
14f30c121282852c590c3f9b565639380a341aafb05abb443288ccaf84e97fa4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fa3382a55d9b99db528067cbd9aaf2a6619a1e1968b2034d9b95996b147b5bc
2168c3e99eb56ea9b678e5f67c7845b9e393b0a3751f95c29befd0c4be184a6c
2bbb64ac6b21c2e0e6be368fb630f5f574c86787588ee95c007531325881cddf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e55850a9e3ccfd95640925b9cc5196225d24cad5e40650c9fc1f92b9add66a3
2f5ceebe91010b8ecc58f7f1877dbd9ad53c72e15a97efd12b8fa98a1486eda3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
34f21d5006083af518abb1d97998dc48a494a836ff06ceb311af1b59abc6f61c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
42c58d1418a3ddd5ea540894ca5049e8098e3ae7ce2cfa70c44323255ddde229
44a165fda7b94826122462acb88d30aff45fb91a3f030cd7def85461c1f33d10
4ce9f81b56777ca98376cd7e29fe960ae0bde99fe0c4824cbd1bc4227f5794d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f40a7bc63ceacdc8c161c2088714574c49036e6533c1ae48dc963715700b45b
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
52eddc03e239ed803badad64b5af87f0ba0c285248cdb4e50fe32858ad7b27e5
53b36233c151d3f4e3dd72cfc8e2ab8b1d3af5bf4ea8cbeb33a5bca365bedad7
547424707979a3481886637fb7f1b3815fa0b64df631818e38d68373e7cc6b22
55d7781b8c607a7c2883823a7b6a83df9d9d099069dedb67655fd8485ccf91c7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60595c09eca0b8570415deb52f7782579f4e3d1fe2579b530af7a58a6a74f38f
714caeebfa40e7dbd6d7cb7f36b1aae2ac20ce63bca0e9974430538635356422
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7f7954d1bd9ba5009e45077bd7cd270445cd3fb5101184ad0abd89ee39ff33ad
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
84464074fb580186f5564987d29422b8b6df50ce8c15d29ff621e3f18e01978b
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8dcbdb2111b8df88af19256bc5ff00f89cbdfe5dc0c3590b1d3ec9a8d5ccc413
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
989fe38b5ed726c69652cef9d2de00926bcfe948bf795791cef9a87a3455a300
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a3787b594bcfa27a17783d1e92326e3ca29e2eac2a944d52935787a19c5f31e2
a68ede237604cf9328dc697bfcd2a0251eeab9eb4c511396e0d64ed8a090fde7
a72ef2d93de69193c846feb5d32b0fee6ffe732dd4bf8f2db53390ef951c23e1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab2a08e307666a1ef83cf84bda431a88c8f91cfe5ba2fe96fa1daf80651d5bf9
ab3154a07914e3b7b29829285e1281af372cb90b9da7d42e6d553eb399937680
af9944d4fb0a3fddcfb6b6baccd4ca9aa8923d856102b933b2da0a1d52f15b83
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b056c3903c85a89c7102b8f63f0fcd12e201607832ee5efc8c04060c778f565a
b11c5197e82e6bd9c947c7cfb528bdba6150a50ea5e54cfbaf17545edcafcefa
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
bf39f227c14b8f3070bbb850c4d0a8b209d3b74672378322a49617de5591e908
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cd83f84e54c8b3c7d513d9b23eb96f3ca718e2ac971bf3e6bc0ec144ed3aff28
d6750ae8f8005fe0140daaaf2a5af0b5ad33564e8031e294ce973ae2331a3e10
d7b31db85e1bfb58c134b966eed39d7fb634c71982faff585de65bffd0fef831
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403730b26c192b9923275d09607dab18bdfe3c21ef523106cd8f00784000687
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac20905640bfabbe441ace41c3cb9cbd0b15c5ecd613bd69a45e59a4e32a1c
fa8e0fdd2b5dbfa9847dbc35226f752ff361d60e44876e3066fcd6fc906a81c6
fb244a678b6de10843eb127e318d7997b9495f826bff45be4de1c9f5f6173a97

a.sdmtkj.net Open in urlscan Pro 2606:4700:3031::ac43:b6ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

95 %HTTPS

50 %IPv6

13 Domains

23 Subdomains

17 IPs

2 Countries

1602 kBTransfer

3703 kBSize

8 Cookies

0 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a.sdmtkj.net Open in urlscan Pro
2606:4700:3031::ac43:b6ef Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

95 %
HTTPS

50 %
IPv6

13
Domains

23
Subdomains

17
IPs

2
Countries

1602 kB
Transfer

3703 kB
Size

8
Cookies

96 HTTP transactions
6 data transactions