www.proxysite.com Open in urlscan Pro
3.216.250.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us12.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgFUVRrTAOrjv0hpyVuwWiG...
Effective URL:
https://www.proxysite.com/
Submission: On October 18 via manual (October 18th 2022, 6:15:31 pm UTC) from BR — Scanned from CA

Summary HTTP 180 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 29 domains to perform 180 HTTP transactions. The main IP is 3.216.250.79, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.proxysite.com. The Cisco Umbrella rank of the primary domain is 198802.
TLS certificate: Issued by Amazon on March 28th 2022. Valid for: a year.

This is the only time www.proxysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.114.210.76 167.114.210.76	16276 (OVH) (OVH)
1 18	3.216.250.79 3.216.250.79	14618 (AMAZON-AES) (AMAZON-AES)
23	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
4	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
23	34.102.128.115 34.102.128.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:821::2004	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:2be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:20e... 2600:9000:20ed:6800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
14	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	20.230.171.39 20.230.171.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2600:1f16:b8a... 2600:1f16:b8a:8e02:cd98:4da4:aeb4:c369	16509 (AMAZON-02) (AMAZON-02)
2 2	3.219.97.25 3.219.97.25	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:116:800b... 2620:116:800b:21:4cb8:1820:80ca:50f7	14618 (AMAZON-AES) (AMAZON-AES)
2 2	96.17.64.208 96.17.64.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f111:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
180	25

1 167.114.210.76 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: bhs2.nux.net

us12.proxysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.216.250.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-250-79.compute-1.amazonaws.com

www.proxysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.algbid.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2be (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:6800:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.64.98 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.230.171.39 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

beacon.walmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:b8a:8e02:cd98:4da4:aeb4:c369 (Columbus, United States)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.97.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-97-25.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.17.64.208 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-208.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f111:181:face:b00c:0:25de (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	594 KB
31	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	182 KB
19	proxysite.com 2 redirects us12.proxysite.com www.proxysite.com — Cisco Umbrella Rank: 198802	167 KB
15	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 26308	94 B
13	gstatic.com www.gstatic.com fonts.gstatic.com	168 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	6 KB
8	algbid.app g.algbid.app — Cisco Umbrella Rank: 15979	54 B
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	279 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	149 KB
4	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1521	997 B
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	66 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 713	141 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 671	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 3396	879 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	973 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 584	632 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 15566	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	18 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	463 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	296 B
1	walmart.com 1 redirects beacon.walmart.com — Cisco Umbrella Rank: 4510	620 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 651	744 B
1	rtbrain.app cdn.rtbrain.app — Cisco Umbrella Rank: 18016	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	699 B
180	29

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net www.proxysite.com tpc.googlesyndication.com pagead2.googlesyndication.com
23	pagead2.googlesyndication.com	www.proxysite.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
18	www.proxysite.com	1 redirects www.proxysite.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.proxysite.com
15	g.bidbrain.app	googleads.g.doubleclick.net
14	cm.g.doubleclick.net	googleads.g.doubleclick.net www.proxysite.com
10	fonts.googleapis.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
8	g.algbid.app	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	rtb.openx.net	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
4	platform.twitter.com	www.proxysite.com platform.twitter.com
3	s0.2mdn.net	googleads.g.doubleclick.net tpc.googlesyndication.com
2	static.xx.fbcdn.net	www.facebook.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	cc.adingo.jp	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	id.rlcdn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.proxysite.com
2	www.google-analytics.com	www.proxysite.com www.google-analytics.com
2	connect.facebook.net	www.proxysite.com connect.facebook.net
1	www.facebook.com	connect.facebook.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	beacon.walmart.com	1 redirects
1	d.agkn.com	1 redirects
1	cdn.rtbrain.app	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	www.proxysite.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	us12.proxysite.com	1 redirects
180	36

This site contains links to these domains. Also see Links.

Domain
us6.proxysite.com
pryvacy.com

Subject Issuer	Validity	Valid
proxysite.com Amazon	`2022-03-28` - `2023-04-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
g.algbid.app GTS CA 1D4	`2022-10-11` - `2023-01-09`	3 months	crt.sh
g.bidbrain.app GTS CA 1D4	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
rtbrain.app Cloudflare Inc ECC CA-3	`2021-12-18` - `2022-12-18`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.proxysite.com/
Frame ID: 6245C01703D79C9E4EFB7ADD4016B1C1
Requests: 39 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.proxysite.com
Frame ID: DE060EB45D045CCDF032CDE48BC2173B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 2B999FF55EC50FE563D09D1E7703CBD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Frame ID: 479365FE8DCC83B93DC2D6C76DE1D039
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Frame ID: 6F87EDB0C0201A7469071E13823A0D48
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1896178145&pi=t.ma~as.6803856480&w=728&lmt=1666116920&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919963&bpp=1&bdt=373&idt=282&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FdTAHsBIiT&p=https%3A//www.proxysite.com&dtd=293
Frame ID: 736C82C0A1065DB74D82DB3A5B87F13E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1666116920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919987&bpp=3&bdt=397&idt=274&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=292
Frame ID: 57D5F23A7D95894B36B0BF359EB871AA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Frame ID: D60C69AA4869FA7155B9A7A98B7C1E65
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58
Frame ID: 39065D86F39DC79052549527098BEF92
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69
Frame ID: 42CDC0E2A7C11466AD71D43B63566841
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Frame ID: 40A167CEAB803BCDEC1CC40713946944
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8933822B43E4BF04350896EBA6336B3D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html
Frame ID: 5CB561315BC6A9E3937038169F5D3BE0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4YU5OO1OY9HZNNT6xtYPxNKG2AXN-cXkbMS6xYyAEM3Kr_f4MBABIIHzkylg_eiigfADoAGmnMX1AsgBCagDAcgDSKoE0AFP0LwTA1dY4Mb6p_tfrDNz11i89blbSYH5T0bKMousBXdUxTpRJD54aWQmuSUlQDgfU-XnK9DcLi7_f51aIkQwfI9FMy0lq3SUzmCg2zN91vvsx13Sy7hmexgZkgFgVEsGD3PXb96Vt9UWWCygkYGSfEbihLk8CdXgfbTiurR1pSo7LyAxhaxuV04pcVCKi4MkKytjX4omlcioQDHVpgiby87AE_KmwAiODRFYJz8mPGXK7JAMl--TioPw_CBbOpk6C4I9RmrpvMyKxWKUbanQwASg2rz0gASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHwuO6igGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDMqQHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=T6vu1C8jh-U&uach_m=[UACH]&cid=CAQSPADq26N9yHJ9ZFsI1j9FHAT1vx0FPAv4HhY3zRsuBZVoRbTapIH6UdOE4vid4bPzgqfoUtY3bnSn6WuW9BgBIA4&template_id=419
Frame ID: 8BD261AF5558A232C44730635F8E337E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1AA6D5FAB9267C29B82DFAAA6257473
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 364042B0D2B384C5174E15C2AE38EE3E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9D190D3BE0FD68417FFBE08231BA2D8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7263D5B396EFA8F07CDE4500532A8F38
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Frame ID: 3504E6BF75F7123D57FE1CA7D4BDD7CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1511eb957096f4%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ffad174b7ed9598%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
Frame ID: 2B5DF244F4D599288D1A30C08AF66EC7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D7E44EF392B98AFDEABFD252449C426
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B93445F282F9CAA8D216DC37F47A019
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProxySite.com - Free Web Proxy Site

Page URL History Show full URLs

https://us12.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgF... HTTP 302
https://www.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgF... HTTP 301
https://www.proxysite.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

93 %
HTTPS

56 %
IPv6

29
Domains

36
Subdomains

25
IPs

3
Countries

1881 kB
Transfer

4814 kB
Size

40
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://us6.proxysite.com/go/youtube.com
Title: YouTube

Search URL Search Domain Scan URL

URL: https://us6.proxysite.com/go/facebook.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://us6.proxysite.com/go/twitter.com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://us6.proxysite.com/go/reddit.com
Title: Reddit

Search URL Search Domain Scan URL

URL: https://us6.proxysite.com/go/imgur.com
Title: Imgur

Search URL Search Domain Scan URL

URL: https://us6.proxysite.com/go/google.com
Title: Google

Search URL Search Domain Scan URL

URL: https://pryvacy.com/
Title: Pryvacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us12.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgFUVRrTAOrjv0hpyVuwWiGidkVZkyIBL7qVth3l3HWOEwAbS&b=1 HTTP 302
https://www.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgFUVRrTAOrjv0hpyVuwWiGidkVZkyIBL7qVth3l3HWOEwAbS HTTP 301
https://www.proxysite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127

https://d.agkn.com/pixel/2175/?google_gid=CAESEJ5imEyEFrEv-MQ6m0SoFos&google_cver=1&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzywHB98fpvFG3SmOIoQJdOs6WtXGgGeiLmrwp07EwijX3SKWQHCYO1IU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzywHB98fpvFG3SmOIoQJdOs6WtXGgGeiLmrwp07EwijX3SKWQHCYO1IU&google_hm=Q0FFU0VKNWltRXlFRnJFdi1NUTZtMFNvRm9z

Request Chain 128

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9BPDoWXI6HU9s_aiDLxWoQ2v6FyRdDkQ926ldg-cOsE-IZUoHGn3A0QOz0iouKTQBMDJK6IIhXWcqgnSumsrXY2H0HShqPkjwNFuC-hA9lODrrSGKI1hu1HjwWIaF1nsa_wW2QlLdfnrJYxNIOqNc&google_gid=CAESEHUNKb2LP1J3o3YJCINHIO8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLrau5oGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVptUHhnOUJQRG9XWEk2SFU5c19haURMeFdvUTJ2NkZ5UmREa1E5MjZsZGctY09zRS1JWlVvSEduM0EwUU96MGlvdUtUUUJNREpLNklJaFhXY3FnblN1bXNyWFkySDBIU2hxUGtqd05GdUMtaEE5bE9EcnJTR0tJMWh1MUhqd1dJYUYxbnNhX3dXMlFsTGRmbnJKWXhOSU9xTmM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd3Ftekc0S2toU1IxLWpJd3hlRmVob3ZxVWVFcldFS2YzcndWTzdhNXpnbw==&google_push

Request Chain 129

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijYPkAAap2JTE50ZplcKlbXxFk7KZm9UnCsFnAeniklcz9r0UdZIMMyb4jri9BBA-fJ71vFmPIp7AGpQD5PmCZXuhD8Sos288pLl6C-x1J0_NBRytkJSZP7sfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=VZyBdfTL40Ak5iidhUZ_co&tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijYPkAAap2JTE50ZplcKlbXxFk7KZm9UnCsFnAeniklcz9r0UdZIMMyb4jri9BBA-fJ71vFmPIp7AGpQD5PmCZXuhD8Sos288pLl6C-x1J0_NBRytkJSZP7sfw

Request Chain 130

https://rtb.openx.net/sync/dds?google_gid=CAESEJKfXurxQ21LVc-RaDzhvPM&google_cver=1&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ8TLbNdVSKvnAqZcay-vqw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJKfXurxQ21LVc-RaDzhvPM&google_cver=1&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ8TLbNdVSKvnAqZcay-vqw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ8TLbNdVSKvnAqZcay-vqw&google_hm=Z3oeqzUmxSoT7F2qlOAicw==

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO--25TD5q-cokagXdbIQzQ&google_cver=1&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBvH2jVKdsUJ2UbYf_kfDdyF7aA7s8AJDzdseKQtwXGktDdxvweuipU2N7dqs_PL5VyHIeSlu3RdiimGVIY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzUtMUEtNUUwVw==&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBvH2jVKdsUJ2UbYf_kfDdyF7aA7s8AJDzdseKQtwXGktDdxvweuipU2N7dqs_PL5VyHIeSlu3RdiimGVIY

Request Chain 133

https://cc.adingo.jp/adx/push/?google_gid=CAESEDWdcOGvZGWt_3g2IEo348Y&google_cver=1&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11vGqBCbttPqlS1U02QDYF2VUiEUMZN1GaDZyMJM7MOKu4cAtJNfa_mr0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11vGqBCbttPqlS1U02QDYF2VUiEUMZN1GaDZyMJM7MOKu4cAtJNfa_mr0&google_hm=a9e4a4a77238819539dfc4f61ff2c3e9

Request Chain 136

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8E8oprhFCok-telUx6ukK98g8aLfVk&google_gid=CAESELkKfwATML0fN5heu_SQfm8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8E8oprhFCok-telUx6ukK98g8aLfVk&google_gid=CAESELkKfwATML0fN5heu_SQfm8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxODE1MjIwMDAxMTMxOTg1NTg4NA%3D%3D&google_push=AZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8E8oprhFCok-telUx6ukK98g8aLfVk

Request Chain 137

https://rtb.openx.net/sync/dds?google_gid=CAESEIkazt8bE-UIlD5OfIbRd1s&google_cver=1&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEIkazt8bE-UIlD5OfIbRd1s&google_cver=1&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&google_hm=Z3oeqzUmxSoT7F2qlOAicw==

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOw6zJ8yp9QlmatrNTgbSY0&google_cver=1&google_push=AZmPxg_DbAPadGuMXdyRYI02Sk7vvdZ3uPm-H8kFOGZhR4HFbsxbTGFLXPfHe23pjqmuLie56HEr5bqMSGX6CLp75m0w73ctuqsy HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOw6zJ8yp9QlmatrNTgbSY0&google_cver=1&google_push=AZmPxg_DbAPadGuMXdyRYI02Sk7vvdZ3uPm-H8kFOGZhR4HFbsxbTGFLXPfHe23pjqmuLie56HEr5bqMSGX6CLp75m0w73ctuqsy&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c123a617RzmD5JQBT8Qu7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_DbAPadGuMXdyRYI02Sk7vvdZ3uPm-H8kFOGZhR4HFbsxbTGFLXPfHe23pjqmuLie56HEr5bqMSGX6CLp75m0w73ctuqsy

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHWNxTVV-DfvJUQMGhmOX7Y&google_cver=1&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllxX_srSM9ybDB1F_MGq-S9OJBlt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzctNi0yV1A2&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllxX_srSM9ybDB1F_MGq-S9OJBlt

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_cver=1&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTbha8mJpZECwwHk-YRJc00E_40NAdl0mqcrpg7yGQuntQTxMOEUjH2KbLNqfZvis HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTbha8mJpZECwwHk-YRJc00E_40NAdl0mqcrpg7yGQuntQTxMOEUjH2KbLNqfZvis&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_hm=Y07tOmbzfXBbzr1KPSbWTwAAAHwAAAAB&google_nid=index&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTbha8mJpZECwwHk-YRJc00E_40NAdl0mqcrpg7yGQuntQTxMOEUjH2KbLNqfZvis

Request Chain 141

https://cc.adingo.jp/adx/push/?google_gid=CAESENOl6RsCWdu03oCcoNiKPwQ&google_cver=1&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw&google_hm=9807501e0c326daca680d3d9149d093d

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

180 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.proxysite.com/
Redirect Chain

https://us12.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgFUVRrTAOrjv0hpyVuwWiGidkVZkyIBL7qVth3l3HWOEwAbS&b=1
https://www.proxysite.com/process.php?d=ETk0%2B4n9QLVLzpcuroQ4087wa4sC5FPdKW0EPgGx7AmCGK68gJR%2BZ2vDgFUVRrTAOrjv0hpyVuwWiGidkVZkyIBL7qVth3l3HWOEwAbS
https://www.proxysite.com/

14 KB
5 KB

66ms
65ms

Document
text/html

3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 98371895a5461d175a773253c61981e8bb4a43bba33ed2779c5df6a63328f876

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 4087
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 18:15:19 GMT
expires: Tue, 18 Oct 2022 18:15:19 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: max-age=0
content-length: 234
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 18:15:19 GMT
expires: Tue, 18 Oct 2022 18:15:19 GMT
location: https://www.proxysite.com/
server: Apache

GET
H2 200 96f631f.css
www.proxysite.com/css/ 38 KB
8 KB 51ms
49ms Stylesheet
text/css 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:12 GMT
server: Apache
etag: "97e6-58465952edaf2-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7817
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 logo.png
www.proxysite.com/assets/images/ 3 KB
4 KB 29ms
28ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/logo.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "cd8-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3288
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 privacy.png
www.proxysite.com/assets/images/ 7 KB
8 KB 32ms
27ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/privacy.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1dbc-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7612
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 speed.png
www.proxysite.com/assets/images/ 5 KB
6 KB 53ms
48ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/speed.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "158b-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5515
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 magnifying.png
www.proxysite.com/assets/images/ 10 KB
10 KB 56ms
51ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/magnifying.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "2690-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9872
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 computer.png
www.proxysite.com/assets/images/ 7 KB
7 KB 57ms
53ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/computer.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1b25-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6949
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 magnifying2.png
www.proxysite.com/assets/images/ 7 KB
7 KB 56ms
52ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/magnifying2.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1b58-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7000
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 logo-footer.png
www.proxysite.com/assets/images/ 2 KB
2 KB 30ms
28ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/logo-footer.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "7b4-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1972
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 jquery.js Show response
www.proxysite.com/assets/js/ 95 KB
34 KB 61ms
55ms Script
application/javascript 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/js/jquery.js?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:12 GMT
server: Apache
etag: "17b8b-58465952c3b12-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33760
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 65f94d5.js Show response
www.proxysite.com/js/ 39 KB
10 KB 35ms
29ms Script
application/javascript 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/js/65f94d5.js?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:13 GMT
server: Apache
etag: "9a33-584659534d630-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9611
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 149ms
80ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68b5b3bd62172cc57796183fa113981a6b9cfafe623cf66702de61be14d8342b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55186
x-xss-protection: 0
server: cafe
etag: 11882442405315568559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:15:19 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 132ms
26ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 20:05:37 GMT
etag: "f26384f93da6974ed577808dfa1fede5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT
content-length: 29223
x-served-by: cache-iad-kjyo7100157-IAD

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 72ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

69ee8f0426b5cdfa001e4c73f881b504230ffed888d42a20eecb7f22a40afc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 18:15:19 GMT
content-md5: 5zruSrXtt0HvOUgo2VTSzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: Ena5ATIQPMtdBJNFTGYf8vQWQHnyCZyZqmK7v8ktjjWExLWZl3d5+slegF++V/XrlroVRi3zupVf6PmKRJ3Ddg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 994c745daa84ca3f04e66f86776a98b7
cross-origin-opener-policy: same-origin-allow-popups
etag: "9bf02a76439046a38a85dcd2f0cb48f9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Oct 2022 18:24:32 GMT

GET
H2 200 bg.png
www.proxysite.com/assets/images/ 236 B
765 B 36ms
25ms Image
image/png 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/bg.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "ec-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 236
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 raleway.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 32ms
28ms Font
application/octet-stream 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3ab8-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15032
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 raleway-semibold.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 27ms
25ms Font
application/octet-stream 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-semibold.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3b18-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15128
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 icomoon.ttf
www.proxysite.com/assets/fonts/ 3 KB
3 KB 29ms
26ms Font
application/font-sfnt 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/icomoon.ttf?-p3bna1
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "a7c-5846594181bd8"
content-type: application/font-sfnt
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2684
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 raleway-bold.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 30ms
29ms Font
application/octet-stream 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-bold.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3aa0-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15008
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H2 200 raleway-light.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 29ms
29ms Font
application/octet-stream 3.216.250.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-light.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.250.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-250-79.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:19 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3a6c-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14956
expires: Thu, 17 Nov 2022 18:15:19 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 42ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c591632670d342883d29399b7ac43253

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e51b88904d03ec09df3db56c74b4b524c21ee94f7fd611a33a40d15261fcd852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.proxysite.com/
Origin: https://www.proxysite.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 18:15:19 GMT
content-md5: 4fh1fVeAT/UqC17UJb+Aew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86957
x-fb-rlafr: 0
x-fb-debug: EQDSb5kb/B4Y4WW7A3Chok05qH5rtD3Uynn9zsdh/qiRsj+YUYa2bM9lBActsoiJXSlPIV4kgBVdNV98Pb4efA==
x-fb-content-md5: 697a94ea2d273763bbe5adb93513db87
cross-origin-opener-policy: same-origin-allow-popups
etag: "9b68d4e8b829133c37ae5366d3efb336"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Oct 2023 17:24:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
32ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 16:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6021
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 18:34:58 GMT

GET
H2 200 widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame DE06 320 KB
103 KB 24ms
23ms Document
text/html 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.proxysite.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105445
content-type: text/html; charset=utf-8
date: Tue, 18 Oct 2022 18:15:19 GMT
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
last-modified: Wed, 28 Sep 2022 20:04:27 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-cache: HIT
x-served-by: cache-iad-kjyo7100157-IAD

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 353 KB
125 KB 149ms
65ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

210a6349e28a4da5891940283c0a17d559c2a66dbb16a1b18946b6c672b2d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127535
x-xss-protection: 0
server: cafe
etag: 3783347939896101389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 2B99 10 KB
5 KB 103ms
21ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 17:54:41 GMT
etag: 9671129459699598864
expires: Tue, 01 Nov 2022 17:54:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
33ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1352466471&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proxysite.com%2F&ul=en-us&de=UTF-8&dt=ProxySite.com%20-%20Free%20Web%20Proxy%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=756878099&gjid=637253041&cid=1026300733.1666116920&tid=UA-45368124-2&_gid=2115510952.1666116920&_r=1&_slc=1&z=1253799785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.proxysite.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.proxysite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DE06 852 B
676 B 139ms
48ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2ee36c91a229d01c06de5817aef9dab44f20c052

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.proxysite.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

d234d0084ff13555f7cee9211dc834356cae63b833c6c217dc81d87f6835ca6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 18 Oct 2022 18:15:19 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 18 Oct 2022 18:15:20 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9ac613eefdb5c5d4
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d63e261db4094c51782fa4d02d19925d6c261444be748954120db82c8dca903e
content-length: 356

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 89ms
37ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.proxysite.com&callback=_gfp_s_&client=ca-pub-5271052033776811&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef6cacd1200cc6e3f6b763a5349e0c4d1fe9fdad8062500c51e9364c3d2c1bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 107ms
45ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.proxysite.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
44ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4793 69 KB
20 KB 476ms
429ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b16ec1b4360840baf637e838f52d638330f2f5ea6b361de7e4368568cb61dc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 20757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:20 GMT
expires: Tue, 18 Oct 2022 18:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F87 69 KB
20 KB 432ms
405ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d59f37ea3cc4092be97bcb0719277ed5c5c817f448d0bd846ce7baa68326f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 20646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:20 GMT
expires: Tue, 18 Oct 2022 18:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 736C 430 B
232 B 454ms
442ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1896178145&pi=t.ma~as.6803856480&w=728&lmt=1666116920&rafmt=12&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919963&bpp=1&bdt=373&idt=282&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2922&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=FdTAHsBIiT&p=https%3A//www.proxysite.com&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79811790e31275a114e5b741060838bd331ad28893b934727ef3693cce1b661b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:20 GMT
expires: Tue, 18 Oct 2022 18:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57D5 78 KB
31 KB 374ms
372ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1666116920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919987&bpp=3&bdt=397&idt=274&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=292

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64a5bfcdb3d94c2f12491403901dd174c03845ed276f965d408d37a0fdbb55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32025
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:20 GMT
expires: Tue, 18 Oct 2022 18:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
2 KB 45ms
22ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 20:04:20 GMT
etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
x-cache: HIT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT
content-length: 2362
x-served-by: cache-iad-kjyo7100157-IAD

GET
H2 200 tweet_button.7dae38096d06923d683a2a807172322a.en.html Show response
platform.twitter.com/widgets/ Frame D60C 37 KB
14 KB 34ms
21ms Document
text/html 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 13753
content-type: text/html; charset=utf-8
date: Tue, 18 Oct 2022 18:15:20 GMT
etag: "5f5bf2b99100f854c01f4f321282f861+gzip"
last-modified: Wed, 28 Sep 2022 20:04:24 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-cache: HIT
x-served-by: cache-iad-kjyo7100157-IAD

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
126 B 63ms
49ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.proxysite.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1666116920422%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=2ee36c91a229d01c06de5817aef9dab44f20c052

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 12
date: Tue, 18 Oct 2022 18:15:20 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 18 Oct 2022 18:15:20 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 6e74b2da33ec1c18
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d63e261db4094c51782fa4d02d19925d6c261444be748954120db82c8dca903e
content-length: 43

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ 151 KB
54 KB 73ms
71ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/reactive_library_fy2021.js?bust=31070368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

732e46c76fda566092e442ed8a93c0c84c37be40e2e09fd4dd7f501b90f1953a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55058
x-xss-protection: 0
server: cafe
etag: 16953875715136613601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
44ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-5271052033776811&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
42ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-5271052033776811&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20221016_073452&sat=1666097976045&afm=0&as_count=3&d_count=0&ng_count=0&am_count=3&atf_count=2&mdns=0.175&alldns=0.290&allp=34&fd=(0%2C24%2C9)%2C(2%2C0%2C0)&pgh=3718&abl=false&rr=n&su=www.proxysite.com&pvc=2259182986095933&r=0.1&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 115ms
55ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.proxysite.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 114ms
56ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3906 88 KB
32 KB 451ms
446ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58f7231beb748043b11987dcc50a2741b1d3e9490d75a4120b0b75940f104489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:21 GMT
expires: Tue, 18 Oct 2022 18:15:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 42CD 133 KB
44 KB 430ms
422ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad6b53d219b4d6acec747579f5fc6f2bb0d57c26013a5ec44cc57803963faa0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNHV45mx6voCFVS90QQdRKkBWw&gqi=OO1OY9WBNN2PvPIPhO6MiA4&layout=/sadbundle/%24csp%253Der3%24/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44693
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNHV45mx6voCFVS90QQdRKkBWw&gqi=OO1OY9WBNN2PvPIPhO6MiA4&layout=/sadbundle/%24csp%253Der3%24/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:21 GMT
expires: Tue, 18 Oct 2022 18:15:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40A1 73 KB
22 KB 427ms
426ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

713657ab5518f74ff8f2c1e7f7517424b5cbbb1c159acf2a2b5f1ee77c52edd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22941
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:21 GMT
expires: Tue, 18 Oct 2022 18:15:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6F87 4 KB
1 KB 115ms
34ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:28:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6F87 1 KB
500 B 128ms
47ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 17:09:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6F87 2 KB
625 B 121ms
41ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:22:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 6F87 3 KB
1 KB 38ms
27ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 6F87 17 KB
8 KB 102ms
24ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F87 152 KB
47 KB 190ms
112ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
DATA 200
OK truncated
/ Frame D60C 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 4793 4 KB
709 B 99ms
43ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:26:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4793 1 KB
500 B 95ms
40ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:58:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4793 2 KB
625 B 98ms
45ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:48:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 4793 3 KB
1 KB 33ms
26ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 4793 17 KB
7 KB 77ms
25ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4793 152 KB
46 KB 199ms
146ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F87 0
0 145ms
135ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfJCfOO1OY6PVEoeOxtYP0diSoAisneKuZrnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi01MjcxMDUyMDMzNzc2ODExyAEJqAMBqgS7AU_QaQAA1TyKV0VtgYDdbVGT6tFv4OstDQJgjYNkkdAqJYlA-6vekyMwqqgGVLG4ucGA5fSu5882mONBgu8Msy1HZ3cZ0SrSE2kXyihHwxXa6lnvdWbEHlebWYjvJPHeTXKoN7NX9iK5VYabIfGCtBb4LXRavZc9pH1smCuY3hw6cw-yF3O4Sqe957_U57CDz2gPlOBBtR0qPKdxJSlfdDeF6gVmMXEDnLgnd_MOA5_jwSuzoERicKgTgFGABuas5rrOrITS2AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=uQHKG7-sV58&uach_m=[UACH]&cid=CAQSGwDq26N94rHsdVBXnp60MudiR-Sg0U_3KjE5thgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 204 rtimp
g.algbid.app/ Frame 6F87 0
0 257ms
0ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp?sid=d370fb94-4f10-11ed-9f06-2aed2b2fda38&d=www.proxysite.com&cr=grd_gen11_2_test&a=imp&p=Y07tOAAEqqME0YcHAASsUddeLnZoRVtCHulQWQ&im=kswsxetG4GPZzcg5hpisL7tqa4bHdw1UpuVWnUtrLkTb-2fYFDOeOlR5fRpCk6vSPUQ7Un1ignIUPLG7TjBeQWvksSXA4TeRDID1g0rZNF7_jKOvkoik8zIYmV405NcesWL3mSD0CH6uigzpRVJuwMjyqH3E_M8B3934i3Ze6NVqREpcGqYgC1XKT_ts4m62SqhbXVwoNqiP6_dl_vp2_LGrvzV1FEacd4kkDSd4BF0xNWFwwn7ve98H6xBA3qs9cGms3TH5cXyjUnFviuYo9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4793 0
0 141ms
136ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS3t-OO1OY_HhEu6cvPIPu8Wd6AesneKuZrnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi01MjcxMDUyMDMzNzc2ODExyAEJqAMBqgS7AU_QuehAL9xtCVN5iVyz4cRy6jMHHNGY3vYAwSRqiLOisLlXSpGUOvk5Q0zIHfkX0jcvBkkuGM0BN4aQjzemnwlEZpQTsVH9hxmFBSGBK0ALYJMMUpZDiNdYz1Gqq0bxBxsaKYWU5xx7-0SNzXcWMyGcEzCQcnESortbqaj9JaHin9HkwscwbRuPognQ7_m_b9MgzCb_d7loZyUxOfTl2vXgYPOELFvlRt6Iy8Ac0x2-9oGmSinOYBiz7J6ABqD68uW5wKHpzAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=vnHQXeXlOTc&uach_m=[UACH]&cid=CAQSGwDq26N9CKeizoIIhmNCnH4R3Vi7dVfNWjwXaBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Oct 2022 18:15:20 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 4793 0
0 260ms
0ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d37445f6-4f10-11ed-9109-52bc4bf01327&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&a=imp&p=Y07tOAAEsPEITw5uAAdiu1lwxlQou3VeoM7-_g&im=u7ZkMsRuZl1HnTOIokx86hjJULCkxUu99XEsYbe16vXfFeSoS_2Fg1BVKG0J1WBEyB6jHM7iGyJQj9cAKE7w4pj4DhFHFsnyVOJEOTTQksBZ43zQ-ebJqTiEJw13dRwfB607G8o83zFPI0N2kxnzWqkbJd8Tqi3is4pIa87MhzHI34KoxRNw8-L44IczpAcH7ROz1gk2YJGUTSEiKwUV913H9xng6rpCVRmyl-pcmss
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 179ms
75ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=197138127&adf=1896178145&fmt=728x90&str=true&ad_y=3411.796875&vph=1200&r_nh=0&r_ifr=true&qid=CNvfwZmx6voCFUC50QQdl3UCSg&w=728&h=90&nh=0&rsz=%7C%7CoepE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.proxysite.com%2F&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 239ms
141ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-5271052033776811&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/ Frame 8933 10 KB
4 KB 198ms
104ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 17:57:37 GMT
etag: 9671129459699598864
expires: Tue, 01 Nov 2022 17:57:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame 3906 10 KB
4 KB 86ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:34:57 GMT

GET
H2 200 bca10ddd16af34d21051a380f937ccd2.js Show response
www.gstatic.com/mysidia/ Frame 3906 18 KB
8 KB 79ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7723
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:34:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3906 6 KB
672 B 112ms
66ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:17:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3906 2 KB
902 B 230ms
115ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:35:13 GMT

GET
H2 200 1c8b28b3f1e45bd861fb75f2fad01d8e.js Show response
www.gstatic.com/mysidia/ Frame 3906 6 KB
2 KB 87ms
29ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2262
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 09:08:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 3906 23 KB
9 KB 79ms
23ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3906 3 KB
1 KB 229ms
113ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 3906 17 KB
7 KB 199ms
143ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3906 0
0 309ms
0ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0eS0tyufsuWLHEYQEQyHTjhtU8xawubEoYgc4n2IKI_bEEo0UnZuiLjA14vnm1lyDqBPiJDZx2tmmpMW299FWFka0qw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3906 152 KB
46 KB 285ms
157ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 3906 33 KB
13 KB 268ms
50ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 387623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:34:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 40A1 4 KB
636 B 106ms
74ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:29:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 40A1 1 KB
427 B 199ms
168ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 16:46:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 40A1 2 KB
552 B 96ms
66ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 18:14:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 40A1 3 KB
1 KB 319ms
204ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 40A1 17 KB
7 KB 94ms
52ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 40A1 0
0 413ms
0ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTV8NpQVspbYnBDsNIZUBskjzUrlyYJbLPkSiazktMMLr70sUdWgS_ZQfX_NjDj4jEefb6wNn7YsUwlMUEMalXBZpuReg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40A1 152 KB
46 KB 336ms
233ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8933 0
0 286ms
0ms Fetch
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssY4Q1qsRue-JBy8IMBFhlFARkl52t27gNDwFtDQ4wkOGjPCa0WhY9lUw0-D4-2_N05KXtLhD7BeP1rJPrzrsaBDOdTWWx3WFyu-8y4tHe0oaDabxiuZ3Ab_CZjkHvtNTHaUGf6POI22pRaFXNQ6ANjmgCX6ohqWrrSTEVVmDcaCSaPlVPzkEzT1-VFmQmn497xssUSq5K5zWgVMRbgs8ZIEjYIFNdZprIWjATRcUg5QF-rV4d9Hx9tXhs1-GLeWa38TaFQ7ZcOj-QczVDc31k5Iz4uRjte4KBpoJXpggYepGPHV5HQXUCav6Bcfflobr6PQTGNFx4alXdvhNYKCVBYURzP8bWxWQq9B0ZRVJ846i3UiEmsARNWCnXmfhPIKOyxbvUCCojU7lnZoXfQ30O5ngd-wQXygZruB48d4Iq1cseVcCfj47kU8SDRkYNOf85r3qo7Yu629-o6zVNwMDsGEQOV7dkGd2PJPoO0ICbeI06oed1-n2YVf0gZjBhQrrlXzq4GrLrK-WlKQfaU5GbgSdchn7zgu3Zhaly5oFpV_nHUDiBLXGrlqjOegx8TY92U76xsqkUrjIso1y2Stvi4EnhaHoqt46qHgSgeu_j7-iHPMN0eO2rDHlyUZ_IBDqzhLAduwcS0DPf4vZlVWQU5vybJVI0TYNLBXgmORgguXlTYNMMAJwGSRsJL04LquPv7zyV-DpZ0_hZjHRO18YyCbdzFoGA-NMa2eLnA2IpkJAwdZ7HWyLbcY_fu6plmIWE8tmSadIugpwynIJSqiwU-HrUMeAnnNfbNkXRO09S6oQCyU_hL_klhPwQF_laIbye7tuU2tnwJ_Avk_MVXmH0zlq8757y3u1z7tfIabMNE9fA7MvsNw3nwn4TcmNIDt1ipHeoBCMfVlZuhMId2RhIEUVotCSam9h17yv8W7CsxsUwDrpaV3ocEkAqqr2hDo_U62rOngGNc6qIZN8T445p--pFbGrLoJgJk5nucpdJVJdcmU4jZIB1ysEWmw9-aJbPiVE3CqaiwaTmFT1Y&sai=AMfl-YQZSbk_YRwNKTbLkmATyw12Q0H_PxvXFT8dPeIxHMBlSfR_YiXZvek8wyKZByrc0FrMXpEd2JGKQFBdLfrXXp2GRasv_6eR_oA2zTWePYGvamqzvL1naIN3EdAU2XOqEf4SGOsr3NapzeVrYvA8VHogNNr3TvfDURpM9FXwviHJ5eYmjcbTaEouF1JAjUrWXQQ5t5I5IljdVMG7U-WU-3gUu8tGwAasgeh__IOmmqbHtpf8pQ5TZg&sig=Cg0ArKJSzIuZMCXgsdF6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8933 41 KB
15 KB 156ms
156ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 23:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 23:13:36 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 8933 35 KB
14 KB 204ms
204ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deba0e0b40f489ae92b1b1f744e1414e2e4ce927e072ffc479893c8c0d32031f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14247
x-xss-protection: 0
server: cafe
etag: 181149334873387862
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:47:45 GMT

GET
H2 200 2947001317603899054
s0.2mdn.net/simgad/ Frame 8933 41 KB
41 KB 431ms
0ms Image
image/jpeg 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2947001317603899054

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

261f383b37d5553ce35dcfac6727aeb9446f94c0a838eabc69c64c061836ad45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:45:20 GMT
x-content-type-options: nosniff
age: 513001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41766
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 21:54:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Oct 2023 19:45:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 8933 3 KB
1 KB 287ms
285ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 8933 17 KB
7 KB 156ms
154ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8933 152 KB
46 KB 298ms
154ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 8933 23 KB
9 KB 199ms
198ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:56 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/ Frame 5CB5 19 KB
6 KB 307ms
189ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd51fb1f1c5b0d4b6130fb9c285598e39a3c7bd01b90acf292f2e5cb09f333db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 476915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 6531
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 05:46:46 GMT
expires: Fri, 13 Oct 2023 05:46:46 GMT
last-modified: Fri, 03 Jun 2022 15:47:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8BD2 0
0 247ms
130ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4YU5OO1OY9HZNNT6xtYPxNKG2AXN-cXkbMS6xYyAEM3Kr_f4MBABIIHzkylg_eiigfADoAGmnMX1AsgBCagDAcgDSKoE0AFP0LwTA1dY4Mb6p_tfrDNz11i89blbSYH5T0bKMousBXdUxTpRJD54aWQmuSUlQDgfU-XnK9DcLi7_f51aIkQwfI9FMy0lq3SUzmCg2zN91vvsx13Sy7hmexgZkgFgVEsGD3PXb96Vt9UWWCygkYGSfEbihLk8CdXgfbTiurR1pSo7LyAxhaxuV04pcVCKi4MkKytjX4omlcioQDHVpgiby87AE_KmwAiODRFYJz8mPGXK7JAMl--TioPw_CBbOpk6C4I9RmrpvMyKxWKUbanQwASg2rz0gASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHwuO6igGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDMqQHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=T6vu1C8jh-U&uach_m=[UACH]&cid=CAQSPADq26N9yHJ9ZFsI1j9FHAT1vx0FPAv4HhY3zRsuBZVoRbTapIH6UdOE4vid4bPzgqfoUtY3bnSn6WuW9BgBIA4&template_id=419

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 8BD2 23 KB
9 KB 305ms
192ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 8BD2 3 KB
1 KB 333ms
219ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 8BD2 17 KB
7 KB 312ms
201ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 16:34:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8BD2 0
0 430ms
11ms Image
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxOvXtcq57zCgWIgc4qhbliuq73FkoYKZb_xahnwwIMSxd0vcCej3hS7xpkVjXp5w1axOdAnDjzbtUTImS_9_YJYsNbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BD2 152 KB
46 KB 251ms
141ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 40A1 0
0 239ms
123ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkgoaOO1OY8ymNfqHvPIP5Nag0A-sneKuZrnQrsqWD8CNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi01MjcxMDUyMDMzNzc2ODExyAEJqAMBqgTBAU_Q2-_MeKRQMMMkScJ01qNrvv5MsnLODKMzjDf2q9I6seLkmi5SpcpdtpdE-Tltt0HFY0ycStSDKeLOfLruQZwNfAUM5q4NHAGyQxP7ppj9ucINcyaWXvlxWVJlsI4ccDJuRmt2wxLnwW3TlGdMoF2pNsNejGae3G6_XdGsGj6oMOAd-q28LngCi-O1w9JP4P33q-V0lZBzswKOpwfzI8L99bOsl1LUjopAAHrAK3bJ4TxyMxX57zMxE0tzFPvVU4SABqD68uW5wKHpzAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MjcxMDUyMDMzNzc2ODExGAA&sigh=7DEVnGa8ZEI&uach_m=[UACH]&cid=CAQSPADq26N9RuCNQHWBqBbVgF4Guz7JtK0psDFCRcz2hPlByxAQUirLv3hYrhzo3Sc1qwdJaB0upL7f7gpGNRgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 rtimp
g.bidbrain.app/ Frame 40A1 0
0 248ms
106ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d3c6f968-4f10-11ed-a8e9-5efe535a41c4&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=CAESEFnJCZkYnESlHfzQr_5ttJA&a=imp&p=Y07tOAANU0wITwP6AAgrZLWAtp7M9FNWG_jQJg&im=d1c-CErYRacTxzCpqwVCr-M81Wq7EU_HG6EABD4bClRenxdEivbl-iZ2qi70rFHtOeBBKojXSftcLQuQ_2rReIoYLTQXUSbb_q8XN5Twl0cQtccLLWOZgArAVTqocnuZI6maFgFizHATPos7loe9To5U0Op9Lql-6OnnwnYWAHCy3ofy9-MN9aROgXmzX9zH6A8yZgI4NOLaDDSMAOkoNpj0ol2t9-i8nPHCDBnZsmT8_udfnPyU3ZaOzaJI4BmS6rarEF-v2HDkwD392DNC1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.algbid.app/rt/ Frame 6F87 0
0 244ms
102ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rt/ev?ka=0.5701317454029478
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 icon15.png
cdn.rtbrain.app/grd/ Frame 6F87 680 B
2 KB 379ms
0ms Image
image/webp 2606:4700:20::681a:2be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rtbrain.app/grd/icon15.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868e5754d812ce238448ec9ea44a4db66bfef62cba0150e30df2579757668ef7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075
cf-polished: origFmt=png, origSize=873
x-guploader-uploadid: ADPycdsQqSOhx5wyYSynBlbfy3fBZfub9C6rOl4wQL_keT6pu-S8owJtrEDuUVNjqORTiGWaMbKwhtYw7Nsu0J7e7Psj4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="icon15.webp"
content-length: 680
cf-bgj: imgq:100,h2pri
last-modified: Sun, 15 Aug 2021 13:58:22 GMT
server: cloudflare
etag: "8eb8d8f45d9d11406a84977d4ac5e267"
vary: Accept
x-goog-generation: 1629035902476439
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=K2e4IQ==, md5=jrjY9F2dEUBqhJd9SsXiZw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Z6rG3e4qhQsAtiTbyJgHaAEUWdV7EAJI%2Fm1IFkHadDPYKpfNUk6NdkwHiUTeMPu1ePx6uSGN72IelN9yJn3I1trF4vEbUf0jFnImt5hLpDZQyjKMFfr0AhVcAQofZSgDY%2Bf0tWksyYHht3sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-stored-content-length: 873
accept-ranges: bytes
cf-ray: 75c34249e875ecee-YUL
expires: Tue, 18 Oct 2022 18:57:26 GMT

GET
DATA 200
OK truncated
/ Frame 6F87 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09acfcf27c874919b8cce2c969b3cf8ce7a30f5a956e357bcfa8d36d2fd5f68b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6F87 15 KB
16 KB 391ms
0ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 304061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 05:47:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6F87 15 KB
16 KB 414ms
0ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 513804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 4793 0
0 207ms
101ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.28401935864534567
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 4793 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64a0414c0e147a9e72cb13ea871e2ce048fc99a1de8bcc48365c0ead9772c44d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4793 15 KB
15 KB 388ms
0ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 304061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 05:47:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4793 15 KB
16 KB 392ms
0ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 513804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

POST
H3 204 rtimp
g.algbid.app/ Frame 6F87 0
18 B 173ms
104ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp?sid=d370fb94-4f10-11ed-9f06-2aed2b2fda38&d=www.proxysite.com&cr=grd_gen11_2_test&gid=&a=vw_100&p=Y07tOAAEqqME0YcHAASsUddeLnZoRVtCHulQWQ&r=1298771006&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 4793 0
18 B 185ms
125ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d37445f6-4f10-11ed-9109-52bc4bf01327&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=&a=vw_100&p=Y07tOAAEsPEITw5uAAdiu1lwxlQou3VeoM7-_g&r=983946722&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8187632194697528653/ Frame 3906 30 KB
30 KB 226ms
114ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8187632194697528653/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa2ca5ee57a27099b7f5b5a0cd2e5628ae883016090d0d513628fc56f6161be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:20:35 GMT
x-content-type-options: nosniff
age: 366886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30489
x-xss-protection: 0
last-modified: Tue, 31 May 2022 14:15:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 12:20:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3906 0
0 215ms
118ms Fetch
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNOpzOO1OY_jfM5T7xtYPrbCJ6An7qqH_bJm36YiqEMCNtwEQASCB85MpYP3oooHwA6ABlZLi_gPIAQmoAwHIA8sEqgTDAU_QuVAScq7vsTtfuVRAs3K2G3SrpMq5CCmUGiMANdqstmQT340Ry0rfbjENXG5Od5juB1QrA6QusUxPHUJWDKaO5s93zhSW1pjxkB3_tDGB9rEfuGeQ_R0myBDS1qe0XzCTN5lC9X1QKyk2DLCHiSm9X9eOnTGTKQbRNlAH1yOhK_bVUKWu8Z_997d41TiUPswjvId38d6KF4X2tJ_mIMb1vWHf5llhXXI9pdJziRWrV5io7BPSaw6n7YCo6P0gj5c4tsAE7ezl3MoDkgUECAQYAZIFBAgFGASgBi6AB9PtnQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDf7QHSCA8IgGEQARgfMgKKAjoCgECACgHICwGiDAgqBgoE-Z6xArgT5APYEwrQFQGYFgGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=CskbEZbc01E&uach_m=[UACH]&cid=CAQSPADq26N9cgIU-7Fqpk2QJQiCVhAhxyq1sUWoSfw2hCP0vG-bumntstYfzJlqvtXwMspumwD0IjKoB8_M-RgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1AA 1 KB
643 B 239ms
51ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 15:13:44 GMT
etag: 48472445140208031
expires: Wed, 19 Oct 2022 15:13:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3640 1 KB
643 B 198ms
54ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 10897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 15:13:44 GMT
etag: 48472445140208031
expires: Wed, 19 Oct 2022 15:13:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3906 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0bc655d5407ed308b1e172d27efaaff1e1c1da72ae1d4d1839b4c6c44849526

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9D1 22 KB
8 KB 227ms
90ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 376861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 09:34:20 GMT
expires: Sat, 14 Oct 2023 09:34:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 4793 0
0 193ms
91ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9699423508269889
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.algbid.app/rt/ Frame 6F87 0
0 190ms
92ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rt/ev?ka=0.23887341602906642
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 8933 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 914747fc859682b54b6047aaf8500acf162bf86c53cb1b839c7a83d846b8f4d8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5CB5 6 KB
3 KB 146ms
88ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 06:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 19 Oct 2022 06:47:54 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5CB5 34 KB
13 KB 139ms
82ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 05:57:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 19 Oct 2022 05:57:17 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5CB5 57 KB
23 KB 156ms
6ms Script
text/javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Oct 2022 18:15:22 GMT

GET
H2 200 easepack_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5CB5 2 KB
1 KB 163ms
14ms Script
text/javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0eab8a7f38fe54d5a7a17fe4c133595539b9e7586225d9531040915b77a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:52:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Oct 2022 18:15:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3906 0
20 B 128ms
101ms Ping
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7263 143 B
166 B 122ms
33ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 17:40:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8BD2 0
20 B 167ms
67ms Other
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNHV45mx6voCFVS90QQdRKkBWw&gqi=OO1OY9WBNN2PvPIPhO6MiA4&layout=/sadbundle/%24csp%253Der3%24/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8BD2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8493c32b99564618eef13f138672076d5bc0067c62a09080e10db22d7f499ec6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJ5imEyEFrEv-MQ6m0SoFos&google_cver=1&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzy...
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzywHB98fpvFG3SmOIoQJdOs6WtXGgGeiL...

170 B
188 B

121ms
72ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzywHB98fpvFG3SmOIoQJdOs6WtXGgGeiLmrwp07EwijX3SKWQHCYO1IU&google_hm=Q0FFU0VKNWltRXlFRnJFdi1NUTZtMFNvRm9z

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 8a0d00c8697029a8a8411a2a06403ade.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9qSgOyAePk4_3AAdxjCBvFar8a0x1kYwgMcwqw4fIRgDpudjEKLXH6AXWUngZt08bzdgHNn0GpKEOerE_6Inv0Wz9oFvmzywHB98fpvFG3SmOIoQJdOs6WtXGgGeiLmrwp07EwijX3SKWQHCYO1IU&google_hm=Q0FFU0VKNWltRXlFRnJFdi1NUTZtMFNvRm9z
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: mE13WuYzm8BSzbDufPXbOmK6XGXfDi8b4SY8Sa0NY595ONAEMDRCYw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9BPDoWXI6HU9s_aiDLxWoQ2v6FyRdDkQ926ldg-cOsE-IZUoHGn3A0QOz0iouKTQBMDJK6IIhXWcqgnSumsrXY2H0HShqPkjwNFuC-hA9lODrrSGKI1hu1HjwWIaF1nsa_wW2QlLd...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLrau5oGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVptUHhnOUJQRG9XWEk2SFU5c19haURMeFdvUTJ2NkZ5UmREa1E5MjZsZGctY09zRS1JWlVvSEduM0EwUU96MGlvdUtUUUJNREpLNklJaFhXY3Fnbl...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd3Ftekc0S2toU1IxLWpJd3hlRmVob3ZxVWVFcldFS2YzcndWTzdhNXpnbw==&google_push

170 B
188 B

65ms
60ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd3Ftekc0S2toU1IxLWpJd3hlRmVob3ZxVWVFcldFS2YzcndWTzdhNXpnbw==&google_push

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwd3Ftekc0S2toU1IxLWpJd3hlRmVob3ZxVWVFcldFS2YzcndWTzdhNXpnbw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijYPkAAap2JTE50ZplcKlbXxFk7KZm9UnCsFnAeniklcz9r0UdZIMM...
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=VZyBdfTL40Ak5iidhUZ_co&tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijY...

170 B
188 B

45ms
39ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=VZyBdfTL40Ak5iidhUZ_co&tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijYPkAAap2JTE50ZplcKlbXxFk7KZm9UnCsFnAeniklcz9r0UdZIMMyb4jri9BBA-fJ71vFmPIp7AGpQD5PmCZXuhD8Sos288pLl6C-x1J0_NBRytkJSZP7sfw

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=7884000; includeSubDomains
via: HTTP/2.0 odnd
date: Tue, 18 Oct 2022 18:15:22 GMT
last-modified: Tue, 11 Oct 2022 18:05:07 GMT
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=VZyBdfTL40Ak5iidhUZ_co&tap=gAds&google_gid=CAESEDmRs89yjf2dmeEZIgP-UHY&google_cver=1&google_push=AZmPxg9AVJ8zxsAm1_wmFsHvdQ2DaectEijYPkAAap2JTE50ZplcKlbXxFk7KZm9UnCsFnAeniklcz9r0UdZIMMyb4jri9BBA-fJ71vFmPIp7AGpQD5PmCZXuhD8Sos288pLl6C-x1J0_NBRytkJSZP7sfw
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-tb: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJKfXurxQ21LVc-RaDzhvPM&google_cver=1&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2q...
https://rtb.openx.net/sync/dds?google_gid=CAESEJKfXurxQ21LVc-RaDzhvPM&google_cver=1&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2q...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ...

170 B
188 B

88ms
38ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ8TLbNdVSKvnAqZcay-vqw&google_hm=Z3oeqzUmxSoT7F2qlOAicw==

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg_pSZfI02o27jhzh3GGQpQtREKqeDDvESTPYoaBLPhcrJhZiuPsC1Y5Cu7Jj839iTl6u4J3w9Pn8GzsM0Tn9A-sAtXQ6Az2qVWe94Y2Y5pFdVtRZ2L4Uv5tex5EbtYLlZ8TLbNdVSKvnAqZcay-vqw&google_hm=Z3oeqzUmxSoT7F2qlOAicw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: fmdihgoepstgu5ajraor8p4u3et3oggr

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO--25TD5q-cokagXdbIQzQ&google_cver=1&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzUtMUEtNUUwVw==&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBvH2jVKdsUJ2UbYf_kfDdyF7aA7s...

170 B
188 B

107ms
60ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzUtMUEtNUUwVw==&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBvH2jVKdsUJ2UbYf_kfDdyF7aA7s8AJDzdseKQtwXGktDdxvweuipU2N7dqs_PL5VyHIeSlu3RdiimGVIY

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzUtMUEtNUUwVw==&google_push=AZmPxg-XJghwUv4WUKMFrk0N0SZkleG_-LdSE-Aw9oUCrlLLX4e1cC3yMVkR47v5vv68gd1mSBvH2jVKdsUJ2UbYf_kfDdyF7aA7s8AJDzdseKQtwXGktDdxvweuipU2N7dqs_PL5VyHIeSlu3RdiimGVIY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame B1AA 43 B
296 B 611ms
42ms Image
image/gif 2600:1f16:b8a:8e02:cd98:4da4:aeb4:c369
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEEPzlUOl8R4WjwPxr1xG18&google_cver=1&google_push=AZmPxg97qQ24pPjzwe1XC0BqGEwbiRjEJ81qsbrFD_x1ubTDhDCSl49magZ9a2LKv2Mz8unEHx3r0Q9EHJE2v1M_3NJ3jV6_VG6HF5B4QGsURn4B34tw1kYbKnQj31W2nG82b49QxQx0ebpiWaKzFOLP_uY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=4191319412&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=fH7hRuQNCr&p=https%3A//www.proxysite.com&dtd=58
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:b8a:8e02:cd98:4da4:aeb4:c369 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1AA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEDWdcOGvZGWt_3g2IEo348Y&google_cver=1&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11v...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11vGqBCbttPqlS1U02QDYF2VUiEUMZN1...

170 B
188 B

93ms
69ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11vGqBCbttPqlS1U02QDYF2VUiEUMZN1GaDZyMJM7MOKu4cAtJNfa_mr0&google_hm=a9e4a4a77238819539dfc4f61ff2c3e9

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg9vkta0fNA1jokJLhzHdonPGFGk-8GOcRN8O_0XwYv173E0NXsNUxN74RDvUpJ9VI9H_tll7uwgFpxph4gzkOoYent9Kz11vGqBCbttPqlS1U02QDYF2VUiEUMZN1GaDZyMJM7MOKu4cAtJNfa_mr0&google_hm=a9e4a4a77238819539dfc4f61ff2c3e9
date: Tue, 18 Oct 2022 18:15:22 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B1AA 0
232 B 139ms
36ms Image
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNKNzKpDC_bf38SFg94PIQ_ExOHyI8zixkkbv9e9nGuLsQ5a6vnzpCz7tIg3vTJYhiN1k-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3640 35 B
463 B 127ms
27ms Image
image/gif 2620:116:800b:21:4cb8:1820:80ca:50f7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEItvobX6vGNkDGyI7O4HkFc&google_cver=1&google_push=AZmPxg-TDCKCpeUM_kqqsR8CwMcjOco_9mBb2aa6LsHN4OV79ALN19TCqGeXlAOaqw7LVK5JldB8dkqHmiG_jF0wPIGfm36fuLI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-PK2X3...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-PK2X3...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxODE1MjIwMDAxMTMxOTg1NTg4NA%3D%3D&google_push=AZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8...

170 B
188 B

40ms
39ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxODE1MjIwMDAxMTMxOTg1NTg4NA%3D%3D&google_push=AZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8E8oprhFCok-telUx6ukK98g8aLfVk

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTgxODE1MjIwMDAxMTMxOTg1NTg4NA%3D%3D&google_push=AZmPxg-PK2X3bB8ZRJG-8fbQgyySqvMOrd6qzsQV98fVmdTbrIFWhBRV66ytyBewSOr5_8E8oprhFCok-telUx6ukK98g8aLfVk
pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 18 Oct 2022 18:15:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEIkazt8bE-UIlD5OfIbRd1s&google_cver=1&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ
https://rtb.openx.net/sync/dds?google_gid=CAESEIkazt8bE-UIlD5OfIbRd1s&google_cver=1&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&google_hm=Z3oeqzUmxSoT7F2qlOAicw==

170 B
188 B

95ms
45ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&google_hm=Z3oeqzUmxSoT7F2qlOAicw==

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8ciGg0T3sdYpz9J83q0TLhBtG2ftFWAcd4_ssl3rqxtGHlk6x2h5E0YOj1hGiJh8aKw_D2JhCZ8FJBgOF1fNuXTGblmrQ&google_hm=Z3oeqzUmxSoT7F2qlOAicw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: t97smkiejbi71q4gpr5q8pvql87abl0p

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c123a617RzmD5JQBT8Qu7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

90ms
40ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c123a617RzmD5JQBT8Qu7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_DbAPadGuMXdyRYI02Sk7vvdZ3uPm-H8kFOGZhR4HFbsxbTGFLXPfHe23pjqmuLie56HEr5bqMSGX6CLp75m0w73ctuqsy

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=c123a617RzmD5JQBT8Qu7g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_DbAPadGuMXdyRYI02Sk7vvdZ3uPm-H8kFOGZhR4HFbsxbTGFLXPfHe23pjqmuLie56HEr5bqMSGX6CLp75m0w73ctuqsy
date: Tue, 18 Oct 2022 18:15:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHWNxTVV-DfvJUQMGhmOX7Y&google_cver=1&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzctNi0yV1A2&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllxX_srSM9ybDB1F_MGq-S9OJBlt

170 B
188 B

110ms
63ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzctNi0yV1A2&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllxX_srSM9ybDB1F_MGq-S9OJBlt

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlFSVpXVzctNi0yV1A2&google_push=AZmPxg-AIhFls-E6g-tg6-eCXL65ilWHpBejSsDpfTIbyTjf97AwF66058PYP00G7ivZIm1yllxX_srSM9ybDB1F_MGq-S9OJBlt
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_hm=Y07tOmbzfXBbzr1KPSbWTwAAAHwAAAAB&google_nid=index&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTb...

170 B
188 B

40ms
39ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_hm=Y07tOmbzfXBbzr1KPSbWTwAAAHwAAAAB&google_nid=index&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTbha8mJpZECwwHk-YRJc00E_40NAdl0mqcrpg7yGQuntQTxMOEUjH2KbLNqfZvis

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBOcJ%2FulEDIZwXMZBIdlig10mIp2XnsHazkpCAIqFoZjNepeaIgaSwb3vJ5NlvG9bRQimTJw1STXNTT8M07QpX6l1fOyCfd%2FFfLpRRjUNQXmVQhH%2BjmsL43UJKQPf4pvrlx%2B81iA%2BkIqIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBFMNO6T60jpoPlucXEdNU&google_hm=Y07tOmbzfXBbzr1KPSbWTwAAAHwAAAAB&google_nid=index&google_push=AZmPxg_bVxj7Mvn12_MYGMQSt2i7cy7RnkhTbha8mJpZECwwHk-YRJc00E_40NAdl0mqcrpg7yGQuntQTxMOEUjH2KbLNqfZvis
cache-control: no-cache
cf-ray: 75c3424cb8e53320-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESENOl6RsCWdu03oCcoNiKPwQ&google_cver=1&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw&google_hm=9807501e0c326daca680...

170 B
188 B

91ms
66ms

Image
image/png

142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw&google_hm=9807501e0c326daca680d3d9149d093d

Requested by

Protocol

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-pzUzKL4lEedGdNojQQvSWLM0sRKNvzZ5B2MRFpVUrLHeDrtLknZQcL07AhY90GnMuaJEBYtx4H4zzKpMDT5AZLgh3Qsw&google_hm=9807501e0c326daca680d3d9149d093d
date: Tue, 18 Oct 2022 18:15:22 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3640 0
49 B 130ms
36ms Image
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqrcrHM2b2vljkyzwJ4vfzpBDpmLX8hoxcrSeQaYoiGMyGmS6yOPcvZHzNbqlotexu6ujC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 4793 0
0 72ms
59ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.11467524507379356
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.algbid.app/rt/ Frame 6F87 0
0 54ms
42ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rt/ev?ka=0.8718679490848662
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.algbid.app/ Frame 6F87 0
18 B 85ms
75ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp?sid=d370fb94-4f10-11ed-9f06-2aed2b2fda38&d=www.proxysite.com&cr=grd_gen11_2_test&gid=&a=load&p=Y07tOAAEqqME0YcHAASsUddeLnZoRVtCHulQWQ&r=1298771006&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 4793 0
20 B 60ms
51ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d37445f6-4f10-11ed-9109-52bc4bf01327&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=&a=load&p=Y07tOAAEsPEITw5uAAdiu1lwxlQou3VeoM7-_g&r=983946722&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.algbid.app/rt/ Frame 6F87 0
0 54ms
53ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rt/ev?ka=0.8485505856490312
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 4793 0
0 50ms
49ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.9044920218180401
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 terrain.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/ Frame 5CB5 5 KB
5 KB 52ms
37ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/terrain.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df289aa220f7df00a04f9ff9a01f56457f631ac1ded67a841cdbaf754cd30c08

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 05:10:39 GMT
x-content-type-options: nosniff
age: 479083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5249
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 15:47:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 05:10:39 GMT

GET
H3 200 vignette.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/ Frame 5CB5 31 KB
31 KB 69ms
54ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/vignette.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b62031fd667d82ff54d35eebba479cc4bd53e41feea1cbc6d2aa45de4acda5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 05:10:39 GMT
x-content-type-options: nosniff
age: 479083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32132
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 15:47:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 05:10:39 GMT

GET
H3 200 sprite.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/ Frame 5CB5 68 KB
68 KB 61ms
46ms Image
image/png 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/sprite.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94e4df51ca424a8a064966b9c538eadd5452b7e808204113fe7e937d50a50a29

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Oct 2022 05:10:39 GMT
x-content-type-options: nosniff
age: 479083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69195
x-xss-protection: 0
last-modified: Fri, 03 Jun 2022 15:47:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 05:10:39 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 40A1 0
0 89ms
73ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.15607816298745436
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 40A1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b75364b2f5784c49b7c946dc168a7f948690a46f45309381eed25d86abe00814

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 40A1 15 KB
15 KB 107ms
24ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 304062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 05:47:40 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 40A1 15 KB
16 KB 118ms
36ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 513805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame D9D1 36 KB
16 KB 49ms
47ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:01 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3906 15 KB
16 KB 100ms
48ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 513805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:31:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3906 15 KB
15 KB 81ms
30ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:33:19 GMT
x-content-type-options: nosniff
age: 513723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:33:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3906 15 KB
15 KB 72ms
22ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 304062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Oct 2023 05:47:40 GMT

POST
H3 204 rtimp
g.algbid.app/ Frame 6F87 0
18 B 73ms
47ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.algbid.app/rtimp?sid=d370fb94-4f10-11ed-9f06-2aed2b2fda38&d=www.proxysite.com&cr=grd_gen11_2_test&gid=&a=ev_prf&p=Y07tOAAEqqME0YcHAASsUddeLnZoRVtCHulQWQ&r=1298771006&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22281.60%22%2C%22242.40%22%2C%22169.00%22%2C%2290.70%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=502839322&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919961&bpp=2&bdt=371&idt=267&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xbw6wXESKg&p=https%3A//www.proxysite.com&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7263
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
43ms

Document
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:22 GMT
expires: Tue, 18 Oct 2022 18:15:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 4793 0
18 B 68ms
44ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d37445f6-4f10-11ed-9109-52bc4bf01327&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=&a=ev_prf&p=Y07tOAAEsPEITw5uAAdiu1lwxlQou3VeoM7-_g&r=983946722&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22240.90%22%2C%22246.20%22%2C%22177.00%22%2C%2288.90%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=2544859009&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=3&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116919955&bpp=6&bdt=365&idt=229&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&correlator=6735404719634&frm=20&pv=2&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=56oQu2ZH1T&p=https%3A//www.proxysite.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 40A1 0
0 48ms
45ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.7018912316007513
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 40A1 0
20 B 54ms
48ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d3c6f968-4f10-11ed-a8e9-5efe535a41c4&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=CAESEFnJCZkYnESlHfzQr_5ttJA&a=load&p=Y07tOAANU0wITwP6AAgrZLWAtp7M9FNWG_jQJg&r=2044825404&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 40A1 0
0 44ms
43ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.1698730882037489
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3504 36 KB
16 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3906 0
20 B 45ms
43ms Ping
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lckJXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDMKDRAQIQAAAACAXeBAMAQKDRARIQAAAACAGdRAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAgGZmJJdAMAQKDRAUIQAAAACgI-pAMAQKDRAVIQAAAAAAACxAMAQKDRAWIQAAAAAAABhAMAQKDRAYIQAAgGZm3JlAMAQKDRAyIQAAAACamek_MAQKDRAzIQAAAACamek_MAQKDRA0IQAAAACamek_MAQKDRA1IQAAAACamek_MAQKDRA2IQAAAACamek_MAQKDRA3IQAAAACamek_MAQKDRA4IQAAAMCZmRtAMAQKDRA5IQAAAJqZSXxAMAQKDRA6IQAAADQzM35AMAQKDRA7IQAAwJmZB5dAMAQKDRA8IQAAwJmZB5dAMAQKDRA9IQAAAM3MJJdAMAQKDRA-IQAAgGZmkplAMAQKDRA_IQAAAM3MkplAMAQKDRBAIQAAAAAA8JlAMAQSGkNQamI0cG14NnZvQ0ZaUzkwUVFkTFZnQ25RIhdzY3JlYW0vdGhyb25lX2ltYWdlX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CB5 36 KB
16 KB 30ms
27ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F87 42 B
64 B 45ms
44ms Fetch
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsoGKeO3FypwJMHrRO_gdWg_VMKn9Uye8yyyD9jWHr7eQSKZri2-FTFHkxZUGQ0xTGGtxLBqEGJV8l0LntimA2zLZh&sig=Cg0ArKJSzPtrUppVxERFEAE&id=lidar2&mcvt=1009&p=0,0,280,990&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=523175106&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666116920242&rpt=1062&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4793 42 B
64 B 49ms
45ms Fetch
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTm1yhmv_BM8S2spe1jPxgORA1hRZm00vETlUTYxnbhkJ7CbzJT4KY2sdJpDMqUUpaAXUV-AApEdE7t9s74Nvu2XHZ&sig=Cg0ArKJSzCF_rijVAmXuEAE&id=lidar2&mcvt=1002&p=0,0,280,990&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3927345067&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666116920222&rpt=1220&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 40A1 0
0 42ms
41ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.2302448312456602
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 40A1 0
18 B 47ms
46ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=d3c6f968-4f10-11ed-a8e9-5efe535a41c4&d=www.proxysite.com&cr=ext_gen2_v10_start_fire1&gid=CAESEFnJCZkYnESlHfzQr_5ttJA&a=ev_prf&p=Y07tOAANU0wITwP6AAgrZLWAtp7M9FNWG_jQJg&r=2044825404&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22102.10%22%2C%22108.10%22%2C%22176.80%22%2C%22207.10%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=60&adk=2093842954&adf=3687344085&pi=t.aa~a.4080220755~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x60&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=5&bdt=1153&idt=5&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280%2C1200x90&nras=4&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=MIx1syxams&p=https%3A//www.proxysite.com&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 2B5D 48 KB
18 KB 222ms
133ms Document
text/html 2a03:2880:f111:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1511eb957096f4%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ffad174b7ed9598%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c591632670d342883d29399b7ac43253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:181:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

466f921c8bc682dc2cef0a7983dabaaca005ca5646c111406443efb187fe941f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 18 Oct 2022 18:15:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: VLZNyqWsZpTejw4xFVqVXruCzs1nHZgtv+pDsxAaFCSB4Wyt77uruzbvOw4bqOAPUWYYzxomVQkj77EEzDRgVw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 47ms
43ms XHR
application/json 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9654b25538e5beb169a2c966e468c9d07e0bd9f7b1339261112970438d8e90af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11097
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9D1 0
20 B 51ms
46ms Image
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtQ2lOO1OY5u8E_CPvPIP1-2NqAIAAAAAOAHgBAI&bg=!oqGloeXNAAYeOJy_Pjg7ACkAdvg8Wuy6kw9aPOQ7jHplj2qPhd8Ih1Z29tgqrklDmsJR93seyzePMAIAAAETUgAAAANoAQeZAryrdoywbGqDzIO73YbXHixU5p2KBDgqs5mRXGppEHsRalfkW2TF9wuXsqebsquvPKyi67V1bM__NazfxnaimHKjlW-dsDMiukm2EiKFPE18RWjCjprgc4ckww4By2Tv7SCKQrSXOMCrB02Pf3_T70LoXmcysl7dlbeE1JUTiRIHNMT6H2GiHYNmU6IfIbgv6zqL0FlQGQaH6uQPKCbw4Vd9lwFbrc1hWbljRPPpQCBF-38gG1BcKee-p0JuXwce_hFF9DCtDVoB9WVQIK_7gcIoalWeVIKykTIGUJtnOoadZ21t4R7Li7aTJ_O-bXG7mEqughiaNdcTrhVGzhKp07Xx4wbfZUwNkU_0Cg4RFt7QM6gDAF7pnhkQj1t5Rr55TBGdqSBlFcSEnqiToThnacj4JHxfJiYXHzwageauqWCyG3T9HdKgc566zWKHtTb-UnA1TKCon9GfjcC21XX7pnR8ZYweRay2R3tqKSXBl6Z3VLAJyH3EPq3f8YtStjxGREnnHWar9ELVfF2-tHyzOOuwrc9OZ9Fif-scXjpJsreIE0QshntWNcXPwSbYCXKU2QEVKsEPuXy13q79_BIjHKKCZf6nJKENHML4T7_LDWkGYdG9yjoemjCwLlURRCJz7xP2f6HaiZuoAHBqfGo9JkWrprSPxhD57pCjvK3ss3_sNE1LSABl3L-mgBAOJ_fe7QohRFuJDGXwy1Swowxba_-JhPZJVDuP-Df7DT6OtX4CXfp6Q6a-R1uDpg5b9sIXjUIk003hP8IpFCd8uc_ovPPuUGK2i0aE3nZOKBQbUKKqz77GvcFWLZwOFxL5IAehQbK87GzlqiJVNyoBG0pieSA8Bg-9ihqVGfxb0pYefcIQ3hhiyaxbpXjqgDrRCJKpQEGfuaPtqqHSPAKWjzXLA4JahCzSMuUclvTu7xR5

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js?bust=31070368

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:15:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8933 42 B
64 B 46ms
45ms Fetch
image/gif 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEKNCF_XtW0JzjxG5ZGQ3dPbHdcpLG2wxNegFa6wFDo1Q5ghK-EswKNdMaCFVWLetGSj1ZQnT35CxOoTJsaQOHNp9Z_qG3Ff4Om4G7w5ZQg-2g3bEJfQtsb-BdEgiVVWm2wsyPDutlkt6osQSwSdb1kE7SkgiApn4qUs20Yu7CgbL6ypZbCGDUle0NFEw&sai=AMfl-YSd55USpIIRHP2Qs2OfjYLVyKUNqJHt33dBGu9sWb-DKr3QreBQ-gpC-D2Pp_XdeEqDMykHILio3mKEQs8&sig=Cg0ArKJSzDiotAi4V1JtEAE&cid=CAQSGwDq26N9Ji4mxeirMdu1HxWk7pFm63m7QsiQPBgBIA4&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666116921017&rpt=937&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 18:15:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D7E 13 KB
5 KB 28ms
24ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 80273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:57:30 GMT
expires: Tue, 17 Oct 2023 19:57:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B93 783 B
538 B 58ms
52ms Document
text/html 2607:f8b0:4006:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f589c15e4cfe745d190c22d559c9330be2fda609b2e21c4f83ee265a003ddb50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KSJ8b4Q0FBEFwQW5kUVRCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-KSJ8b4Q0FBEFwQW5kUVRCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 18:15:23 GMT
expires: Tue, 18 Oct 2022 18:15:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B93 0
0 50ms
44ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=2259182986095933&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D7E 36 KB
16 KB 27ms
20ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:54:01 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2B5D 299 B
552 B 29ms
19ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1511eb957096f4%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ffad174b7ed9598%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:23 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: qMUMU7Qfge+CYbaBoc7jsbZ1yI4rZMFfQM4ZWWh9oN/u0vKULj9L18KaS6f74EgOdy95kTLKmzFjSdtm5xA1jw==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=5,i
expires: Tue, 17 Oct 2023 21:16:47 GMT

GET
H2 200 cR4bP35xTLN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/ Frame 2B5D 540 KB
141 KB 274ms
22ms XHR
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/cR4bP35xTLN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da850b6ddad3b77bd0b946f1b7baa034a8cf21930bf9208c285b688c0ca37e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jAVWG6QlJyETTkhZLxXBGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143781
x-fb-rlafr: 0
x-fb-debug: 4+TqSh+asFkE4ikxaL4Jc0Uw0qJk36/Bhlpe5UwnNOqCdLxHUU1ujj1l4+dXvFianVln2Qx5A0Z0cbcjsyxdxQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 12 Oct 2023 21:14:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D7E 0
12 B 20ms
19ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Uha2wA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:15:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=2259182986095933&bg=!paalpuLNAAYeOJy_Pjg7ACkAdvg8WnVm0IZH5JuFzw2vrTgRuObCi2fndksH4yJHe-75QhIGeXoq7QIAAADRUgAAAANoAQcKAEIFLekYg_VDXbx_tPQe9dfK0lOQKoCu_vJZrolnHsZES5jv7dUBivl0qWwfQv7h3QVLl6b59X2OUU-LPE6Tm4pQK0yZAqdF_sB_dEpuOp-Cti_x6DeSjxN9VzSz6m9OxnHmzCVs-3Gs2ifTf_KSVZsDEuhS29dfR8qgdaiAGJ4TZkBt_MCXIjqluNOIwrvAWOBIJKFertXnGC-_HoWOejgwdgPUP397wagpEhxF_VAsAVnEWqsdrjw2Vt6edTaqBkO1uRJxt3jvINJR2eV3I-n471w13cnGz8L0_hvML39xACToZBakNfP-2DYhLiVZsIkHrlwJMspBhh78NLD0MzmPu-CP9GjvfRZfDJ1_JPhhswjB4mPaymp6k8YE0v0EKFWEDS-fkKJu7DZPEOIpel0R5QibxUuRK1zngMG43rK68yuwxy6RBsMDSOq4MomNxTKPFs6Q53gjOZfTZvm0Ejs-ME48tUY3UvQ5rQlL3Ds9sHkxNq9O6YOOMMIfph9w9r9JmeN8KCq1eGGyguAtDyoDWmIw8wglfOc1y-yMFi97A08E_NpjJJQkUA_GAhTpXuUvTiqbjyYnUMy9yHCLk87igKtNsPyiTnVhIMt4EPNc6IkrrPBb08VS7EaUGE5Nwy-W34Br6FSg_kCCJOJd0ZqfVJcpiW7AR9LLh2KokqZLxf8qxjWCpC6HioP_nRBhUD1xfko5Qo-jv6Dmg-eCUm_DkPCv7E2Sdg0R6-2U_WdGr8jfamuisZtAr7aTs4Nv-TC4K1WH8LheUqQOhmo12OiGmoroEyx9kWVV9enoiEA7UfRpTydHPQ-cZApqcBNTjknxkaFue8YAHjT89ooWoCUmMNX7PTJ888SyawqBNe7FFRI4qXKkEvFRO2F8hS2j5hKhADzZKHo5ljScOswlPMRl-RDfn6HJW3bIl3_egbfJf5P3WoKL0NTcX0VvaieNIGxzJn1jzQX5YBgfRop32JpluaBHo2b23TFyQUVX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
us12.proxysite.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: r1eo2b28m4rvl7mnj8fcc4nog7
www.proxysite.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: q3bnac3iurjupagmaeqe7ci3d2
www.proxysite.com/	1970-01-20 15:34:12	Name: hl Value: en
www.proxysite.com/	1970-01-20 06:58:41	Name: AWSALB Value: 3hvLbPKnsj3ugK1vVzLtpIMiNKP5VvVLmaec+1Bgfa0GmM+y27EwuVXKx/LLRR4R3HqFu5wqPssLpGHjcHGkqBx4EayjANtL05lsfd+Hv29WJDCdsu5tv8QzfSpp
www.proxysite.com/	1970-01-20 06:58:41	Name: AWSALBCORS Value: 3hvLbPKnsj3ugK1vVzLtpIMiNKP5VvVLmaec+1Bgfa0GmM+y27EwuVXKx/LLRR4R3HqFu5wqPssLpGHjcHGkqBx4EayjANtL05lsfd+Hv29WJDCdsu5tv8QzfSpp
.proxysite.com/	1970-01-20 16:24:36	Name: _ga Value: GA1.2.1026300733.1666116920
.proxysite.com/	1970-01-20 06:50:03	Name: _gid Value: GA1.2.2115510952.1666116920
.proxysite.com/	1970-01-20 06:48:36	Name: _gat Value: 1
.proxysite.com/	1970-01-20 16:10:12	Name: __gads Value: ID=b43c0460376fbd8d-22ea652641b40024:T=1666116920:RT=1666116920:S=ALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg
.proxysite.com/	1970-01-20 16:10:12	Name: __gpi Value: UID=00000888782a4274:T=1666116920:RT=1666116920:S=ALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw
.algbid.app/	1970-01-20 16:24:36	Name: uid_cross Value: d3e73a98-4f10-11ed-bbcc-cababeac05bf
.algbid.app/	1970-01-20 06:48:44	Name: sid_cross Value: d370fb94-4f10-11ed-9f06-2aed2b2fda38
.bidbrain.app/	1970-01-20 16:24:36	Name: uid_cross Value: d3e96b9c-4f10-11ed-b9c1-0eb1bd3cd6d8
.doubleclick.net/	1970-01-20 16:24:36	Name: IDE Value: AHWqTUkHsOEnjtvL3iPwhl9-IZkHu5rAUPCkFJC3xK8z9MGaUd6JsiP_ujISEGiqn6g
.openx.net/	1970-01-20 15:34:12	Name: i Value: 6b80abce-3527-43f3-af4e-d9f523de2b34\|1666116922
.rlcdn.com/	1970-01-20 15:34:12	Name: rlas3 Value: 1lPsYJ6xhiMgf1x2m5N58yB8iwejGcE4JcSBT5EHNuw=
.pubmatic.com/	1970-01-20 06:50:03	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 08:58:12	Name: d Value: EBEBCQGuJ4EA
.quantserve.com/	1970-01-20 16:18:51	Name: mc Value: 634eed3a-297b1-889db-aba1c
.agkn.com/	1970-01-20 15:34:12	Name: ab Value: 0001%3A3Wi%2FcWKbNafQK%2FQ01XnNF69bmgbmExZ2
.agkn.com/	1970-01-20 15:34:12	Name: u Value: C\|0CEAq4am6KuGpugAAAAAAAQ13AQCAAQpAAAAAAA
.adingo.jp/	1970-01-20 07:31:48	Name: ID Value: a9e4a4a77238819539dfc4f61ff2c3e9
.casalemedia.com/	1970-01-20 15:34:12	Name: CMID Value: Y07tOmbzfXBbzr1KPSbWTwAA
.casalemedia.com/	1970-01-20 08:58:12	Name: CMPS Value: 124
.casalemedia.com/	1970-01-20 08:58:12	Name: CMPRO Value: 124
.pubmatic.com/	1970-01-20 08:58:12	Name: KADUSERCOOKIE Value: 735DB76B-AD7B-4739-83E4-94014FC42EEE
.e.dlx.addthis.com/	1970-01-20 16:18:51	Name: na_tc Value: Y
.rlcdn.com/	1970-01-20 08:15:00	Name: pxrc Value: CLrau5oGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 08:58:12	Name: CMTS Value: 091
.addthis.com/	1970-01-20 16:18:51	Name: na_id Value: 2022101818152200011319855884
.addthis.com/	1970-01-20 16:18:51	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:18:51	Name: uid Value: 634eed3a3b67937b
.addthis.com/	1970-01-20 16:18:51	Name: ouid Value: 634eed3a0001fb65507ad2207d415886899dc1dd137357ebd335
.dlx.addthis.com/	1970-01-20 07:31:48	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:31:48	Name: na_sr Value: 20221018
.dlx.addthis.com/	1970-01-20 06:48:36	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:31:48	Name: na_sc_e Value: 0
.bidbrain.app/	1970-01-20 06:48:44	Name: sid_cross Value: d3c6f968-4f10-11ed-a8e9-5efe535a41c4
.innovid.com/	1970-01-20 08:58:12	Name: uuid Value: 800f326b-394f-457a-b35e-2cb36426e2f0-20221018 14:15:22
.doubleclick.net/	1970-01-20 06:48:40	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=2236586032&adf=2103647358&pi=t.aa~a.1534086353~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1666116920&rafmt=1&to=qs&pwprc=8717720231&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666116920743&bpp=2&bdt=1153&idt=-M&shv=r20221013&mjsv=m202210130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db43c0460376fbd8d-22ea652641b40024%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MaoEPsG4E7AmpbeZAvlGUHFQ1EvJg&gpic=UID%3D00000888782a4274%3AT%3D1666116920%3ART%3D1666116920%3AS%3DALNI_MZx3JmXhZLsSChRTyPhB8RLx57_Rw&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=6735404719634&frm=20&pv=1&ga_vid=1026300733.1666116920&ga_sid=1666116920&ga_hid=1352466471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31070368%2C31068921&oid=2&pvsid=2259182986095933&tmod=2140679177&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=fLMHHNwmoO&p=https%3A//www.proxysite.com&dtd=69 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/18291106432307744088/65157_SLC_ProrammaticDigAds_EndUser_728x90/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
ag.innovid.com
beacon.walmart.com
cc.adingo.jp
cdn.rtbrain.app
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
g.algbid.app
g.bidbrain.app
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
us12.proxysite.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.proxysite.com
104.18.19.126
104.244.42.200
142.250.64.98
142.251.40.194
146.75.32.157
167.114.210.76
20.230.171.39
2600:1f16:b8a:8e02:cd98:4da4:aeb4:c369
2600:9000:20ed:6800:19:fc2c:a140:93a1
2606:4700:20::681a:2be
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81e::2006
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2004
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2002
2620:116:800b:21:4cb8:1820:80ca:50f7
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f111:181:face:b00c:0:25de
3.216.250.79
3.219.97.25
34.102.128.115
35.186.253.211
35.190.60.146
69.173.151.100
8.28.7.81
96.17.64.208
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28
09acfcf27c874919b8cce2c969b3cf8ce7a30f5a956e357bcfa8d36d2fd5f68b
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76
0ad6b53d219b4d6acec747579f5fc6f2bb0d57c26013a5ec44cc57803963faa0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
210a6349e28a4da5891940283c0a17d559c2a66dbb16a1b18946b6c672b2d99b
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
261f383b37d5553ce35dcfac6727aeb9446f94c0a838eabc69c64c061836ad45
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a
466f921c8bc682dc2cef0a7983dabaaca005ca5646c111406443efb187fe941f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b62031fd667d82ff54d35eebba479cc4bd53e41feea1cbc6d2aa45de4acda5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f7231beb748043b11987dcc50a2741b1d3e9490d75a4120b0b75940f104489
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a0414c0e147a9e72cb13ea871e2ce048fc99a1de8bcc48365c0ead9772c44d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68b5b3bd62172cc57796183fa113981a6b9cfafe623cf66702de61be14d8342b
69ee8f0426b5cdfa001e4c73f881b504230ffed888d42a20eecb7f22a40afc9f
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
713657ab5518f74ff8f2c1e7f7517424b5cbbb1c159acf2a2b5f1ee77c52edd6
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7
732e46c76fda566092e442ed8a93c0c84c37be40e2e09fd4dd7f501b90f1953a
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
79811790e31275a114e5b741060838bd331ad28893b934727ef3693cce1b661b
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
8493c32b99564618eef13f138672076d5bc0067c62a09080e10db22d7f499ec6
868e5754d812ce238448ec9ea44a4db66bfef62cba0150e30df2579757668ef7
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d59f37ea3cc4092be97bcb0719277ed5c5c817f448d0bd846ce7baa68326f3e
914747fc859682b54b6047aaf8500acf162bf86c53cb1b839c7a83d846b8f4d8
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43
94e4df51ca424a8a064966b9c538eadd5452b7e808204113fe7e937d50a50a29
9654b25538e5beb169a2c966e468c9d07e0bd9f7b1339261112970438d8e90af
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98371895a5461d175a773253c61981e8bb4a43bba33ed2779c5df6a63328f876
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa2ca5ee57a27099b7f5b5a0cd2e5628ae883016090d0d513628fc56f6161be7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b16ec1b4360840baf637e838f52d638330f2f5ea6b361de7e4368568cb61dc46
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b75364b2f5784c49b7c946dc168a7f948690a46f45309381eed25d86abe00814
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
d0bc655d5407ed308b1e172d27efaaff1e1c1da72ae1d4d1839b4c6c44849526
d234d0084ff13555f7cee9211dc834356cae63b833c6c217dc81d87f6835ca6c
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
da850b6ddad3b77bd0b946f1b7baa034a8cf21930bf9208c285b688c0ca37e99
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c
deba0e0b40f489ae92b1b1f744e1414e2e4ce927e072ffc479893c8c0d32031f
df289aa220f7df00a04f9ff9a01f56457f631ac1ded67a841cdbaf754cd30c08
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b88904d03ec09df3db56c74b4b524c21ee94f7fd611a33a40d15261fcd852
e64a5bfcdb3d94c2f12491403901dd174c03845ed276f965d408d37a0fdbb55e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b
ec0eab8a7f38fe54d5a7a17fe4c133595539b9e7586225d9531040915b77a9f5
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6cacd1200cc6e3f6b763a5349e0c4d1fe9fdad8062500c51e9364c3d2c1bd5
f589c15e4cfe745d190c22d559c9330be2fda609b2e21c4f83ee265a003ddb50
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd51fb1f1c5b0d4b6130fb9c285598e39a3c7bd01b90acf292f2e5cb09f333db
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.proxysite.com Open in urlscan Pro 3.216.250.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

93 %HTTPS

56 %IPv6

29 Domains

36 Subdomains

25 IPs

3 Countries

1881 kBTransfer

4814 kBSize

40 Cookies

7 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.proxysite.com Open in urlscan Pro
3.216.250.79 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

93 %
HTTPS

56 %
IPv6

29
Domains

36
Subdomains

25
IPs

3
Countries

1881 kB
Transfer

4814 kB
Size

40
Cookies

180 HTTP transactions
7 data transactions