urlscan.io logo urlscan.io
SecurityTrails logo

www.needcoolshoes.com Open in urlscan Pro
54.236.206.131  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.needcoolshoes.com/banner?=paaE
Submission: On May 12 via manual from ZA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 83 HTTP transactions. The main IP is 54.236.206.131, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.needcoolshoes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 26th 2021. Valid for: a year.
This is the only time www.needcoolshoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    54.236.206.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-206-131.compute-1.amazonaws.com
www.needcoolshoes.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
7    152.199.21.117 (United States)

ASN15133 (EDGECAST, US)
ssl.cdne.cpmstar.com
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    23.235.251.211 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
13    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    18.195.184.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-184-113.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
Domain Requested by
16 www.needcoolshoes.com www.needcoolshoes.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com www.needcoolshoes.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 ssl.cdne.cpmstar.com www.needcoolshoes.com
server.cpmstar.com
ssl.cdne.cpmstar.com
5 server.cpmstar.com ssl.cdne.cpmstar.com
4 static.doubleclick.net googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 pre.ads.justpremium.com ssl.cdne.cpmstar.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.needcoolshoes.com
www.google-analytics.com
2 fonts.googleapis.com www.needcoolshoes.com
googleads.g.doubleclick.net
1 www.google.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com www.needcoolshoes.com
83 19

This site contains links to these domains. Also see Links.

Domain
server.cpmstar.com
Subject Issuer Validity Valid
needcoolshoes.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-26 -
2022-02-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
ssl.cdne.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2021-02-24 -
2022-03-28		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
server.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2020-06-30 -
2022-09-18		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.needcoolshoes.com/banner?=paaE
Frame ID: 28EFFB618CA7389093CE1DECB3B8895F
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 812E65DA84A5F096747C5EF8E943CC97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Frame ID: 68D28F5962D78EDCA57D6008C9AD5CC0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Frame ID: D85CF7D1448DEA3466FC105C1369247A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1620800770&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770991&bpp=1&bdt=532&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Frame ID: BE610CE42A1CF98F27DF63953B3F15D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: E4BC2A5099F31BF8491E1B7B6A53C4F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 85BF36D8BAFAB4D26DB025CFDFD4188E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Frame ID: B0316E51CE98351C84C993B5D98A6DF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FE1EEE6C939BB3CB74E5615C375B05EC
Requests: 2 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ambxis1620800775313
Frame ID: 035BEC4D113E5E924050ADD95ED58493
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

83
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

19
Subdomains

18
IPs

3
Countries

1380 kB
Transfer

2586 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request banner
www.needcoolshoes.com/ 		17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.needcoolshoes.com/banner?=paaE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4f80aeec95436750dc7632e50e36c5f82ae35ec807f0945035a11780bf35d747

Request headers

Host
www.needcoolshoes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 12 May 2021 06:26:10 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c5e5c9500099641f50775e72c449a319437c25b4f29d6681d35c48f9365ec5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 06:26:10 GMT
server
ESF
date
Wed, 12 May 2021 06:26:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 06:26:10 GMT
banner.css
www.needcoolshoes.com/assets/css/ 		53 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.needcoolshoes.com/assets/css/banner.css
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
25bbd9e1bf7e90508af553d13dbca7531168cd41725dc2a14818b0e799bf4e8d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.needcoolshoes.com/banner?=paaE
Connection
keep-alive
Referer
https://www.needcoolshoes.com/banner?=paaE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"d395-5be0c45e3df40"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54165
header.png
www.needcoolshoes.com/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/header.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3b0fc877763d6652ad1957931e9a93eab9c563e2d821e4d27e39c6d8f7bd8c9e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/banner?=paaE
Connection
keep-alive
Referer
https://www.needcoolshoes.com/banner?=paaE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"215c-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8540
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49908
x-xss-protection
0
server
cafe
etag
13815580874420029976
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 06:26:10 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 18:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43241
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 May 2022 18:25:29 GMT
banner.js
www.needcoolshoes.com/assets/js/ 		79 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.needcoolshoes.com/assets/js/banner.js
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f3d32f0e25437c6995f4ed984f3dca542b130b847af8ecc84fda4b9e528fd065

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.needcoolshoes.com/banner?=paaE
Connection
keep-alive
Referer
https://www.needcoolshoes.com/banner?=paaE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"13c20-5be0c45e3df40"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80928
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
7158
date
Wed, 12 May 2021 04:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 06:26:52 GMT
bg-top-tile.jpg
www.needcoolshoes.com/assets/img/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bg-top-tile.jpg
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7c0c64dd3ebd0301f6970e85cac5656838a6250c95567781828cdaac3e37994a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"85d8-5be0c45e3df40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34264
bg-tile.jpg
www.needcoolshoes.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bg-tile.jpg
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
db74696d286086332e5edd1cfafeba7121af63cf343431286e9c690a9c2efe5e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"8dd-5be0c45e3df40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2269
flourish.png
www.needcoolshoes.com/assets/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/flourish.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
eac5c50a09bc54f3114788c089f6a048fbfd0be7b64f56d1e135a8817e33a004

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"30c2-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12482
bgdiags.png
www.needcoolshoes.com/assets/img/ 		279 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bgdiags.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d949ae51099d029b266fbcb868316ec7386ca5284000e5f1fb0bbbac81efa5a1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"117-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
279
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.needcoolshoes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
484923
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 06 May 2022 15:44:07 GMT
fontello.woff
www.needcoolshoes.com/assets/vendor/fonts/icon/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.needcoolshoes.com/assets/vendor/fonts/icon/fontello.woff?61275574
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5df0f937f9a5c90461cb5e8f99d50cc1cbb978b6383aaa0287e9c2082acfb1c9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.needcoolshoes.com
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Origin
https://www.needcoolshoes.com
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"26e8-5be0c45e3df40"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9960
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/ 		223 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84099
x-xss-protection
0
server
cafe
etag
12011922212658401594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 12 May 2021 06:26:10 GMT
white.png
www.needcoolshoes.com/assets/img/bnnr/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/white.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0c3f8c971306eb98dbc271c6d36058f7b421e04b2bb1c03ad093dc1daedc5347

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"519c-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20892
bg_base.png
www.needcoolshoes.com/assets/img/bnnr/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/bg_base.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
30a068e4fb4cb2faa71b8e613d047c02cc7fd691d937e34c8cbcb82dc1fa301d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"39b8-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14776
bg.png
www.needcoolshoes.com/assets/img/bnnr/ 		196 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/bg.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
aa2d25309f6f2f59715a0c32c2eb35105d2aee3e9ba13af7a226f5ef7707eeb4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"c4-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
196
white.png
www.needcoolshoes.com/assets/img/bnnr/sm/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/sm/white.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6ce8cb1461f940641cf5409d4946dcbb72d356ad1ce5d913f583a1a7f5b78017

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"173d-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5949
bg_base_sm.png
www.needcoolshoes.com/assets/img/bnnr/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/bg_base_sm.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3320f52d68d27590415808e51326b1553d18bb515cd1d14d04646fb193e2de76

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"30e-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
782
black.png
www.needcoolshoes.com/assets/img/bnnr/sm/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/bnnr/sm/black.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b39f453bf8f6d91f551a1306f02bb9d3d05e441bd0a121bf635ce57e2ad613ba

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"17c1-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6081
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Roboto+Slab:400,700,300&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.needcoolshoes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
age
484923
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
expires
Fri, 06 May 2022 15:44:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 812E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210510/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 11 May 2021 18:01:56 GMT
expires
Tue, 25 May 2021 18:01:56 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
44654
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
siteskin_v100.pack.js
ssl.cdne.cpmstar.com/cached/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F72B) /
Resource Hash
876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
last-modified
Wed, 30 Dec 2020 08:30:19 GMT
server
ECAcc (ska/F72B)
age
13790
etag
"809fba186ded61:0"
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
content-length
4166
grid.png
www.needcoolshoes.com/assets/img/ 		335 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.needcoolshoes.com/assets/img/grid.png
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/assets/css/banner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.206.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-206-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8df9592e56bd0616ed6af91c1e33f2d72ea33fe73ae2dea4a5d6dcf382c3e775

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.needcoolshoes.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.needcoolshoes.com/assets/css/banner.css
Connection
keep-alive
Referer
https://www.needcoolshoes.com/assets/css/banner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:11 GMT
Via
1.1 vegur
Last-Modified
Sun, 21 Mar 2021 13:53:25 GMT
Server
Apache
Etag
"14f-5be0c45e3df40"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
335
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=415690783&t=pageview&_s=1&dl=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&ul=en-us&de=UTF-8&dt=Minecraft%20Banners%20%3A%3A%20Miners%20Need%20Cool%20Shoes%20Skin%20Editor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1202134138&gjid=685128431&cid=2035555741.1620800771&tid=UA-47388331-1&_gid=1848788780.1620800771&_r=1&_slc=1&z=751388519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 May 2021 06:26:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.needcoolshoes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		207 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.needcoolshoes.com&callback=_gfp_s_&client=ca-pub-1740835900918404
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
76993d466842e3b40c57bcede8a572699973ff5921dc469b3d3c89651c4ed00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.needcoolshoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.needcoolshoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 68D2 		64 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7214a095fd4f7e9a82b8af39b62c3541dc1aac985a6d0afe54402e9f70834763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 12 May 2021 06:26:11 GMT
server
cafe
content-length
21875
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-May-2021 06:41:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 06:26:11 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696588139699"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
expires
Wed, 12 May 2021 06:26:10 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-47388331-1&cid=2035555741.1620800771&jid=1202134138&gjid=685128431&_gid=1848788780.1620800771&_u=IEBAAAAAAAAAAC~&z=1707936789
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 12 May 2021 06:26:10 GMT
content-type
text/plain
access-control-allow-origin
https://www.needcoolshoes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D85C 		80 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6410c37ef7a19d049c96aef9600957a6edb8c4ab6c30f235423f7821dee640c8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDa0rHBw_ACFQIM4Aod9jkKsg&gqi=AnWbYNahO6GK7_UPsJaRyAo&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDa0rHBw_ACFQIM4Aod9jkKsg&gqi=AnWbYNahO6GK7_UPsJaRyAo&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 12 May 2021 06:26:11 GMT
server
cafe
content-length
24956
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-May-2021 06:41:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 06:26:11 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&tn=DIV&id=skin-add-bar&ign=false
Requested by
Host: www.needcoolshoes.com
URL: https://www.needcoolshoes.com/banner?=paaE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 06:26:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.needcoolshoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.needcoolshoes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BE61 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1620800770&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770991&bpp=1&bdt=532&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1740835900918404&output=html&adk=2724206178&adf=234374453&lmt=1620800770&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770991&bpp=1&bdt=532&idt=1&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C970x280&nras=1&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 06:26:11 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 12-May-2021 06:41:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 06:26:11 GMT
cache-control
private
view.aspx
server.cpmstar.com/ 		544 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?poolid=83516&json=nc&rnd=580281&callback=gk97sf
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0ee2fdca9b00e3dd008b67cff8077d2ad0c710598b230bb66557baae2b392e58

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 06:26:10 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
application/javascript; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame 68D2 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 06:06:20 GMT
server
ESF
date
Wed, 12 May 2021 06:26:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 06:26:11 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/spam_signals/ Frame 68D2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 02:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2925
x-xss-protection
0
server
cafe
etag
11749031388657934619
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 02:45:23 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:25:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:25:51 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame 68D2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
8099588968410230469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:25:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:24:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68D2 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 06:26:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame 68D2 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:23:19 GMT
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 68D2 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 11:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 07:08:25 GMT
server
sffe
age
67869
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Mon, 09 Aug 2021 11:35:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 68D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVxKEAnWbYMSrO9C4-gbo_KbgDKOx_tti9YvJwNQN6LL75okOEAEgtdSlBmCVAqABj_6k7gPIAQmpAsN6tlmZV7Q-qAMByAPLBKoE2wFP0EUb-5-HUj9OD-qiaZjgFuSENPi1SoDWe_J1p8vy6VGh_oPj7K6Kwpj3DbZbY155UGSbYaFPTsNWWHMzi3EGyyEdl0bVrhNS33HIjgWps5OnT6gDMPMJOEMPr0-7Dsdx8CETJepcQ2he-N8yDcg_kQHtjt24oVAMcbCcxpsx4v5L1oSYoZ1xyDh--LYca-21bO5ZWXVniR_78kI_ML-r-8UmkIe17oWSaav5xTLpqSetFbYGVgnAhRkjLOPSsVUeft51cb7iJIfOjrqy1AAYXLZftxGI6hteCxfABP7TyMjIA5IFBAgEGAGSBQQIBRgEoAYugAfZgdsRqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENSCK9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwLQFQGAFwGyFxoKGAgAEhRwdWItMTc0MDgzNTkwMDkxODQwNA&sigh=VpcEaFNhQGc&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 12 May 2021 06:26:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 12 May 2021 06:26:11 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4361255965671060488/ Frame 68D2 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4361255965671060488/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d883df57bb893370d709d8474d8268444a7636f75908cbf583b56b0556c1ba50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 17:51:27 GMT
x-content-type-options
nosniff
age
131684
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19703
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 10:19:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 May 2022 17:51:27 GMT
truncated
/ Frame 68D2 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 68D2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587e6fab88606dd71c1090fab7a280c38634d54edc72ca4da97e327a7bb8f1ef

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 68D2 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
536049
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 06 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 68D2 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
536080
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 06 May 2022 01:31:31 GMT
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame E4BC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2663260536&adf=4039529974&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770816&bpp=35&bdt=357&idt=109&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6795989050351&frm=20&pv=2&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=663Viz99lP&p=https%3A//www.needcoolshoes.com&dtd=129
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 21:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
119523
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5679
x-xss-protection
0
expires
Tue, 10 May 2022 21:14:08 GMT
411_13092_.js
server.cpmstar.com/cached/zonefiles/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/cached/zonefiles/411_13092_.js?rnd=685865
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce6e37d7be30341e88c39e32a15c0274cba12fa24ef9a2158d96835ea87c64eb

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 May 2021 06:26:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Apr 2021 00:17:01 GMT
Server
Microsoft-IIS/10.0
ETag
"80fced23563dd71:0"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
max-age=259200
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2847
mobilemodules.js
ssl.cdne.cpmstar.com/cached/zonemasters/ 		206 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Requested by
Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/zonefiles/411_13092_.js?rnd=685865
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6D0) /
Resource Hash
83a6d8ea48a2394fd9a357f8903510f3fcd962a837f6d8e623b0f7183b37143a

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 16:46:05 GMT
server
ECAcc (ska/F6D0)
age
35437
etag
"969ce786043d71:0+gzip"
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
max-age=259200
content-type
application/javascript
content-length
56628
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D85C 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 23:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30063
x-xss-protection
0
server
cafe
etag
16132151104434394549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 12 May 2021 23:29:20 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/ Frame D85C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
8099588968410230469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:25:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame D85C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:24:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D85C 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1620696594685118"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36097
x-xss-protection
0
expires
Wed, 12 May 2021 06:26:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/ Frame D85C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210510/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 May 2021 06:23:19 GMT
8586376228262762721_16570956410356558606.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/247142224/8586376228262762721_16570956410356558606.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923d63425036abff56d79d6e39e3878bf4854c39831744c7019bd796000a9a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 May 2021 04:00:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2020 15:50:57 GMT
server
sffe
age
354325
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41031
x-xss-protection
0
expires
Sun, 08 May 2022 04:00:46 GMT
9160096684491102062_10052290979494134617.jpeg
static.doubleclick.net/dynamic/5/247142224/ Frame D85C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/247142224/9160096684491102062_10052290979494134617.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e11f24cbc5a08c34d9baf1d8f0b3db5771256d6e99c4dd1b525bae30c411af27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:44:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2020 15:50:59 GMT
server
sffe
age
484878
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4642
x-xss-protection
0
expires
Fri, 06 May 2022 15:44:53 GMT
16466927413957423521_4909806980399958227.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/247142224/16466927413957423521_4909806980399958227.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c88c4ff8324d3b18c5784f759de1bc4bc1e64b65d1f3f419d46ccf9ae88b56b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:46:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2020 15:50:58 GMT
server
sffe
age
484797
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75766
x-xss-protection
0
expires
Fri, 06 May 2022 15:46:14 GMT
17581137712802720474_9450736852085163677.png
static.doubleclick.net/dynamic/5/247142224/ Frame D85C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/247142224/17581137712802720474_9450736852085163677.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03bef40f774dc227be80de9052bd4c0940073205041545ce2e36e960cc9bd348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:42:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Dec 2020 15:51:08 GMT
server
sffe
age
503043
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33405
x-xss-protection
0
expires
Fri, 06 May 2022 10:42:08 GMT
2205244873892788939
tpc.googlesyndication.com/simgad/ Frame D85C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2205244873892788939
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3131bce444adea5e7ce020f0c0d0d778cb3f4140f9706d8db1ccbf576a32ae47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 15:43:52 GMT
x-content-type-options
nosniff
age
484939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25033
x-xss-protection
0
last-modified
Sat, 28 Mar 2020 14:42:26 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 May 2022 15:43:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D85C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1yHAnWbYPDRO4KYgAf286iQC4DIgtxirZKiuPcM2JjJ2M0eEAEgtdSlBmCVAqABzqqe9wPIAQmoAwHIA8sEqgTmAU_Qmy8kZnTZFameXmSJtY6DtATq5umoRf8HBY50alRQNudwRoa71Q2aQIrOf_JETU5rdNzlr_wmLvU2JnP4II5-bUzqYsLEmBIXvbVOdxzUShby7W9nvAAe1DGm_fO1claawTGBucBIsEnBXjL6CPopvp3sCiVhU1Bbc4c5hvkkXPzdRUFvnWvSQ4iaTuNwK1gO7XJw36Wo0-5jCrpRfJF3V-XAUPF29pEpxhkXGW-ZT10iRVzZLmMzYLzwKE3qIxzPyJsrdzoTr5NlcrCzPDuvO7LEiymokMIW1DP_8cz4xo9rJlQmwASS8q_BoQOSBQQIBBgBkgUECAUYBKAGLoAHmtXhCKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0csH0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTE3NDA4MzU5MDA5MTg0MDQ&sigh=EzZm42Mif5Y&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 12 May 2021 06:26:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
country.aspx
server.cpmstar.com/ 		157 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/country.aspx?cache=true&referer=www.needcoolshoes.com&callback=nfhq9f
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d5e4db82b5272ab8f9f185a23eca6cbddc446363eee542c72099226b933a60a7

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache,no-cache
Date
Wed, 12 May 2021 06:26:11 GMT
Server
Microsoft-IIS/10.0
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
no-cache,no-store, no-cache, must-revalidate
Content-Type
application/javascript; charset=utf-8
Content-Length
157
Expires
-1,Thu, 01 Jan 1970 00:00:00 GMT
siteskin.js
ssl.cdne.cpmstar.com/cached/zonemasters/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/siteskin.js?ver=1097
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F75B) /
Resource Hash
54446b2fb72588e7442e3a65ff9bc1d09b98cfc3164d355d718137b3618f5a55

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 21:45:35 GMT
server
ECAcc (ska/F75B)
age
34874
etag
"c112e255ae30d71:0+gzip"
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
max-age=259200
content-type
application/javascript
content-length
3688
s
googleads.g.doubleclick.net/pagead/drt/ Frame 85BF 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnrLqSZO_FXmNqgwU8L0ARNZZYpQb7Seb3DEWJ9q7G1dvBYInxKohj5FqssEZ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 12 May 2021 05:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1741
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D85C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43f7a4a500f7e7c72d9ba1760b24e651490b30aefb8bcae8d3f10b43e5259a91

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 85BF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnrLqSZO_FXmNqgwU8L0ARNZZYpQb7Seb3DEWJ9q7G1dvBYInxKohj5FqssEZ0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 06:26:11 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 12-May-2021 07:26:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 May 2021 06:26:11 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 12 May 2021 06:26:11 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame B031 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1740835900918404&output=html&h=280&slotname=2265260840&adk=2763914541&adf=2707489807&pi=t.ma~as.2265260840&w=970&fwrn=4&fwrnh=100&lmt=1620800770&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.needcoolshoes.com%2Fbanner%3F%3DpaaE&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620800770868&bpp=2&bdt=409&idt=92&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6795989050351&frm=20&pv=1&ga_vid=2035555741.1620800771&ga_sid=1620800771&ga_hid=415690783&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060980%2C31061034&oid=3&pvsid=2939392112001003&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kaufhH9bGY&p=https%3A//www.needcoolshoes.com&dtd=96
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 21:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
119523
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5679
x-xss-protection
0
expires
Tue, 10 May 2022 21:14:08 GMT
lib.js
ssl.cdne.cpmstar.com/cached/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/js/lib.js
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6CA) /
Resource Hash
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 18:11:59 GMT
server
ECAcc (ska/F6CA)
age
4028
etag
"80c1e61de9cfd61:0"
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
content-length
2069
starprebid.js
ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/ 		336 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1097
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F699) /
Resource Hash
b1823c0feb42b393ef6db408c045d04f28d172c7bd582835c237a54a1d2fd085

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 23:01:31 GMT
server
ECAcc (ska/F699)
age
35413
etag
"c3e2b66af045d71:0+gzip"
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
max-age=259200
content-type
application/javascript
content-length
104747
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b70ba927283001f284c5183bc150ea769dd15a901dd31875ab371b25194b6535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 12 May 2021 06:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7658
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1740835900918404&plah=www.needcoolshoes.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 12 May 2021 06:26:12 GMT
view.aspx
server.cpmstar.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?tfcd=0&poolid=83516&json=c_mp&mv=1&gampb=1&callback=u14mbyd
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a61f6eec20bf9e92e932b4e0e49850941066c5ca2a163a1050420d03fdc2627d

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 06:26:11 GMT
Server
Microsoft-IIS/10.0
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
application/javascript; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FE1E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 12 May 2021 06:09:09 GMT
expires
Thu, 12 May 2022 06:09:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1023
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
pagead2.googlesyndication.com/bg/ Frame FE1E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 21:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
119524
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5679
x-xss-protection
0
expires
Tue, 10 May 2022 21:14:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210510&jk=2939392112001003&bg=!mZqlmt7NAAY59bwoOfU7ACkAdvg8WsxH0JH4HKDguVDR4wulvuTq5OaM2BJ8uLbV7ah16qWsLJHOtQIAAABkUgAAAApoAQeZAlJzVgaKKQMzL84OD93EdwBlFHxNkqoaHQQAh69UkHPPKtb_xOjUxOghva6T0gDYmEHfB62wJKue0vSs1l8auBg00cYloipSWZ_GPhHKXawahHmkekxQNyRhw0PILFeefQsH7Nee92UTyDWWT0BjFADAuDEOdc-KEAhCsR-XkS8rme6h1-Ymyod-7EHKMxDlMq7czMjBVlzAEXfUAww1jp2YAAUtYmIasgIBJv9BeYdJ7pGHK_zhUMhb1UuqPrkQfxD62-eXswZVOmpIfoVJioDfi31BQgYrDlDiovO4aAwuSjk9uTz5hwb07NlvFmvE_spmywyhZwzSHp1rMHD7rI59AFQt3WdzsXWn85monFJv0t8m7eYD-3djMYmNiSkQ2evPVPZBYX9rJFEWs-OXC8cg3nRZspNa86iSnH1POJpo8pgu48J0LCHYP8w7BUD_izyekHxxAAPd7khXYJ5InNRtAGCtW3EPlsEvFff4vB4eWC7LY-2zJiYDYT2Cuud2KudoYOa6yOd5SVBlDBqgk1kz0hq2Zbd1f1G4zC8K_u5-s4qt0Z_d4IoSKD5SMnInvtpFKVqsfmCjdqKi5Ksah-WsixENdL1do0u1dvP_I7s5QCsbSpGglJOhG2gbQSioiF0o-sen9TS3jNHbDhc9R5yBw9OPTgyD4cbL2aXPYUQy5ik0UpEPRfJDbrGqa6v3VajZR8avcqdh0oDnLvES748J4cG1bfAHF46L8AA-gbF3wymEgymgT2ZQ9IZ44eURtY8FCh7GoOlSJjB5xiH4qA5c580
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 06:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 68D2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNwOyUfUT2JlTpPhYly0HA8BVcmpM02xKbUhXRcEsMgiWwpXIpuu5jEQ5F8F2iTR_UpkS_YBfwLfjhGlIDD8q9qEEGNDzPU2zGgcZFdnH2Bwf4Lmr8Ei93LDotFw&sai=AMfl-YSoT6W2lTMyOe6nluu5goZORWh--RGIXHNAtid3i6ioKCKndmetCVTutGflSCl0bjX-ReWy4xsgKZa4&sig=Cg0ArKJSzBko2MpBgt2xEAE&id=lidar2&mcvt=1000&p=100,315,380,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210510&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2663260536&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1620800770950&dlt=351&rpt=108&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 May 2021 06:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
server.cpmstar.com/ 		0
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?poolid=0&script=1&json=nc&callback=u1l7kk5&rnd=136492&tfcd=0&
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=1097
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 May 2021 06:26:14 GMT
Server
Microsoft-IIS/10.0
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Type
text/html
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Dark_Knight_EN_336x768_Left.jpg
ssl.cdne.cpmstar.com/cached/creatives/1209330/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.cdne.cpmstar.com/cached/creatives/1209330/Dark_Knight_EN_336x768_Left.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F6D8) /
Resource Hash
1a6bb5880ed2cf0042a280df210a2766d78af044859740eab23277f53c217939

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:14 GMT
last-modified
Tue, 11 May 2021 22:45:22 GMT
server
ECAcc (ska/F6D8)
age
27652
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
public
content-disposition
inline;filename=1209330_Dark_Knight_EN_336x768_Left.jpg
accept-ranges
bytes
content-type
image/jpeg
content-length
93548
expires
Thu, 13 May 2021 06:26:14 GMT
Dark_Knight_EN_336x768_Right.jpg
ssl.cdne.cpmstar.com/cached/creatives/1209330/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.cdne.cpmstar.com/cached/creatives/1209330/Dark_Knight_EN_336x768_Right.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7B2) /
Resource Hash
9477acfdf5a80747604538b3a09e170ae4b6a3c7801710dc52973fb66010d37e

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 06:26:14 GMT
last-modified
Tue, 11 May 2021 22:45:22 GMT
server
ECAcc (ska/F7B2)
age
27652
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin
*
cache-control
public
content-disposition
inline;filename=1209330_Dark_Knight_EN_336x768_Right.jpg
accept-ranges
bytes
content-type
image/jpeg
content-length
89434
expires
Thu, 13 May 2021 06:26:14 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		44 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1620800775023
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.184.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-184-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d77e2c19e27490536566641587046a54e2df07ee75026662abd8cb546ba3f38b

Request headers

Referer
https://www.needcoolshoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.needcoolshoes.com
date
Wed, 12 May 2021 06:26:15 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 035B 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ambxis1620800775313
Requested by
Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=1097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.184.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-184-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
186bc50b815d8d3e04fd5f51fb354f398d70f86a487376d01ff671d07a72d456

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=ambxis1620800775313
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.needcoolshoes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.needcoolshoes.com/

Response headers

date
Wed, 12 May 2021 06:26:20 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| cpmstar_siteskin_settings string| google_user_agent_client_hint object| App function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| init function| newPattern function| updateLayer function| updSortableLayers function| patternsHandler function| showPreview function| hidePreview function| colorsHandler function| layerHandler function| layerMoveRedraw function| getNBT function| jsonOutput function| jsonInput function| clearAll function| updateTip function| updateTotals function| updateOutput function| setUrlGal function| readUrl function| chaosInt function| chaos function| craftPattern function| screenshot function| savedGalHandler function| loadLocal function| newSaved function| addLocal function| delLocal function| savedHandler function| clearSaved function| exportChest function| encPair function| decPair function| compact function| epic function| donatePopup function| halp function| supports_html5_storage undefined| _canvas undefined| _layers undefined| _preview undefined| _url undefined| _code undefined| _craft undefined| _jsonMode object| _saved object| _savedTemp undefined| _total object| _totals string| base64dict string| _color object| _patterns object| _colors object| _colorsInv object| _crafting string| _scrlazy function| html2canvas string| base string| bl string| bo string| br string| bri string| bs string| bt string| bts string| cbo string| cr string| cre string| cs string| dls string| drs string| flo string| gra string| hh string| ld string| ls string| mc string| moj string| mr string| ms string| rd string| rs string| sc string| sku string| ss string| tl string| tr string| ts string| tt string| tts string| vh string| lud string| rud string| gru string| hhb string| vhr function| Sortable object| google_image_requests object| $container object| $single object| $el function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| create_cpmstar_siteskin object| cpmstar_siteskin string| rand function| gk97sf object| cpmstarx object| $jscomp function| nfhq9f function| siteSkinReady function| __cmp object| progskin object| starpbjs object| rhp24o7 object| cpmsx function| starpbjsChunk object| _pbjsGlobals object| GoogleGcLKhOms function| u14mbyd function| u1l7kk5

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.needcoolshoes.com/ Name: _ga
Value: GA1.2.2035555741.1620800771
.needcoolshoes.com/ Name: __gads
Value: ID=c4f0794492ca91dd-22ab650011c8006d:T=1620800771:RT=1620800771:S=ALNI_MYTYI6sejd1E4YLUyaOP_wN5PdZTA
.needcoolshoes.com/ Name: _gid
Value: GA1.2.1848788780.1620800771
.doubleclick.net/ Name: IDE
Value: AHWqTUnrLqSZO_FXmNqgwU8L0ARNZZYpQb7Seb3DEWJ9q7G1dvBYInxKohj5FqssEZ0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.needcoolshoes.com/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
console-api log (Line 3)
Message:
doo doo doo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pre.ads.justpremium.com
server.cpmstar.com
ssl.cdne.cpmstar.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.needcoolshoes.com
152.199.21.117
18.195.184.113
216.58.212.130
23.235.251.211
2a00:1450:4001:802::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9c
54.236.206.131
03bef40f774dc227be80de9052bd4c0940073205041545ce2e36e960cc9bd348
0c3f8c971306eb98dbc271c6d36058f7b421e04b2bb1c03ad093dc1daedc5347
0e3de2e14d9c8708fe42cbb220f1c4d52b720493b1503aa266fac9361b64ac31
0ee2fdca9b00e3dd008b67cff8077d2ad0c710598b230bb66557baae2b392e58
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186bc50b815d8d3e04fd5f51fb354f398d70f86a487376d01ff671d07a72d456
1a6bb5880ed2cf0042a280df210a2766d78af044859740eab23277f53c217939
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
25bbd9e1bf7e90508af553d13dbca7531168cd41725dc2a14818b0e799bf4e8d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30a068e4fb4cb2faa71b8e613d047c02cc7fd691d937e34c8cbcb82dc1fa301d
3131bce444adea5e7ce020f0c0d0d778cb3f4140f9706d8db1ccbf576a32ae47
3320f52d68d27590415808e51326b1553d18bb515cd1d14d04646fb193e2de76
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72
3b0fc877763d6652ad1957931e9a93eab9c563e2d821e4d27e39c6d8f7bd8c9e
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
43f7a4a500f7e7c72d9ba1760b24e651490b30aefb8bcae8d3f10b43e5259a91
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
4f80aeec95436750dc7632e50e36c5f82ae35ec807f0945035a11780bf35d747
54446b2fb72588e7442e3a65ff9bc1d09b98cfc3164d355d718137b3618f5a55
587e6fab88606dd71c1090fab7a280c38634d54edc72ca4da97e327a7bb8f1ef
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5df0f937f9a5c90461cb5e8f99d50cc1cbb978b6383aaa0287e9c2082acfb1c9
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
6410c37ef7a19d049c96aef9600957a6edb8c4ab6c30f235423f7821dee640c8
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0489619b42dc28c6d135cf946eaea95f6206229dedbad28a2636d3525fdb3e
6ce8cb1461f940641cf5409d4946dcbb72d356ad1ce5d913f583a1a7f5b78017
7214a095fd4f7e9a82b8af39b62c3541dc1aac985a6d0afe54402e9f70834763
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
76993d466842e3b40c57bcede8a572699973ff5921dc469b3d3c89651c4ed00e
7c0c64dd3ebd0301f6970e85cac5656838a6250c95567781828cdaac3e37994a
83a6d8ea48a2394fd9a357f8903510f3fcd962a837f6d8e623b0f7183b37143a
876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8df9592e56bd0616ed6af91c1e33f2d72ea33fe73ae2dea4a5d6dcf382c3e775
923d63425036abff56d79d6e39e3878bf4854c39831744c7019bd796000a9a36
9477acfdf5a80747604538b3a09e170ae4b6a3c7801710dc52973fb66010d37e
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a61f6eec20bf9e92e932b4e0e49850941066c5ca2a163a1050420d03fdc2627d
aa2d25309f6f2f59715a0c32c2eb35105d2aee3e9ba13af7a226f5ef7707eeb4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b1823c0feb42b393ef6db408c045d04f28d172c7bd582835c237a54a1d2fd085
b39f453bf8f6d91f551a1306f02bb9d3d05e441bd0a121bf635ce57e2ad613ba
b70ba927283001f284c5183bc150ea769dd15a901dd31875ab371b25194b6535
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5e5c9500099641f50775e72c449a319437c25b4f29d6681d35c48f9365ec5ee
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c88c4ff8324d3b18c5784f759de1bc4bc1e64b65d1f3f419d46ccf9ae88b56b4
ce6e37d7be30341e88c39e32a15c0274cba12fa24ef9a2158d96835ea87c64eb
d5e4db82b5272ab8f9f185a23eca6cbddc446363eee542c72099226b933a60a7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77e2c19e27490536566641587046a54e2df07ee75026662abd8cb546ba3f38b
d883df57bb893370d709d8474d8268444a7636f75908cbf583b56b0556c1ba50
d949ae51099d029b266fbcb868316ec7386ca5284000e5f1fb0bbbac81efa5a1
db74696d286086332e5edd1cfafeba7121af63cf343431286e9c690a9c2efe5e
e11f24cbc5a08c34d9baf1d8f0b3db5771256d6e99c4dd1b525bae30c411af27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac5c50a09bc54f3114788c089f6a048fbfd0be7b64f56d1e135a8817e33a004
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3d32f0e25437c6995f4ed984f3dca542b130b847af8ecc84fda4b9e528fd065