afkaralkhalij.net Open in urlscan Pro
2606:4700:3037::6815:4393 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://afkaralkhalij.net/news9260.html
Effective URL:
https://afkaralkhalij.net/news9260.html
Submission: On February 04 via api (February 4th 2024, 10:10:52 pm UTC) from US — Scanned from US

Summary HTTP 181 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 26 domains to perform 181 HTTP transactions. The main IP is 2606:4700:3037::6815:4393, located in United States and belongs to CLOUDFLARENET, US. The main domain is afkaralkhalij.net.
TLS certificate: Issued by E1 on January 10th 2024. Valid for: 3 months.

This is the only time afkaralkhalij.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:b159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3037::6815:4393	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1 14	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
28	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
7 15	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:141b:1c0... 2600:141b:1c00:f::172c:c9da	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
3	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:401... 2607:f8b0:4012:81e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:4a::7	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
4	23.43.168.189 23.43.168.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:141b:1c0... 2600:141b:1c00:30::1739:5a70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
2 2	2606:ae80:147... 2606:ae80:1471:1b::1690	25751 (VALUECLICK) (VALUECLICK)
2 2	54.172.223.177 54.172.223.177	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.133.71.175 34.133.71.175	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:47::8	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:445... 2600:1f18:445b:901:fb7b:a553:bc85:f072	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	23.58.91.161 23.58.91.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:24f... 2600:9000:24f1:7e00:1:2b86:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
181	32

1 2606:4700:3033::ac43:b159 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

afkaralkhalij.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::6815:4393 (United States)

ASN13335 (CLOUDFLARENET, US)

afkaralkhalij.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:821::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.35.162 (Queens, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:f::172c:c9da (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:824::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4012:81e::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:4a::7 (United States)

ASN15169 (GOOGLE, US)

r2---sn-q4flrnl7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.43.168.189 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-168-189.deploy.static.akamaitechnologies.com

07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:30::1739:5a70 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1471:1b::1690 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.223.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-223-177.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.133.71.175 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.155 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:47::8 (United States)

ASN15169 (GOOGLE, US)

r3---sn-q4flrnek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:901:fb7b:a553:bc85:f072 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.91.161 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-91-161.deploy.static.akamaitechnologies.com

s-static.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:7e00:1:2b86:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

offers.seteventshowroom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	681 KB
34	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 bid.g.doubleclick.net — Cisco Umbrella Rank: 917	236 KB
20	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 336 gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r3---sn-q4flrnek.c.2mdn.net — Cisco Umbrella Rank: 160434	223 KB
17	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	139 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	276 KB
9	afkaralkhalij.net 1 redirects afkaralkhalij.net	511 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
4	rackcdn.com 07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com — Cisco Umbrella Rank: 59091	91 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	162 KB
3	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 604 tps.doubleverify.com — Cisco Umbrella Rank: 650 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1641	103 KB
2	innovid.com rtr.innovid.com — Cisco Umbrella Rank: 2102 s-static.innovid.com — Cisco Umbrella Rank: 2535	11 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1376	609 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	891 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3954 r2---sn-q4flrnl7.gvt1.com — Cisco Umbrella Rank: 696499	783 KB
1	seteventshowroom.com offers.seteventshowroom.com — Cisco Umbrella Rank: 59872	2 KB
1	avads.net ads.avads.net — Cisco Umbrella Rank: 34243	80 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3226	1 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	717 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1669	63 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
181	26

	Domain	Requested by
32	pagead2.googlesyndication.com	afkaralkhalij.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net afkaralkhalij.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
17	s0.2mdn.net	afkaralkhalij.net s0.2mdn.net googleads.g.doubleclick.net
15	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	csi.gstatic.com	www.gstatic.com imasdk.googleapis.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	afkaralkhalij.net	1 redirects afkaralkhalij.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	imasdk.googleapis.com	googleads.g.doubleclick.net afkaralkhalij.net imasdk.googleapis.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com	s0.2mdn.net 07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com
4	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ad.doubleclick.net	googleads.g.doubleclick.net afkaralkhalij.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	r3---sn-q4flrnek.c.2mdn.net
2	sync.teads.tv	1 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.googleadservices.com	googleads.g.doubleclick.net
1	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
1	offers.seteventshowroom.com	code.createjs.com
1	s-static.innovid.com
1	www.google.com	tpc.googlesyndication.com
1	rtr.innovid.com	imasdk.googleapis.com
1	gcdn.2mdn.net	1 redirects
1	ads.avads.net	googleads.g.doubleclick.net
1	a.rfihub.com	1 redirects
1	um.simpli.fi	1 redirects
1	code.createjs.com	s0.2mdn.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	r2---sn-q4flrnl7.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	cdn.doubleverify.com	afkaralkhalij.net
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	afkaralkhalij.net
181	40

This site contains links to these domains. Also see Links.

Domain
twitter.com
skyalsaudia.com
alhadathalkhaliji.com
visa.mofa.gov.sa

Subject Issuer	Validity	Valid
afkaralkhalij.net E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-27`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.avads.net Go Daddy Secure Certificate Authority - G2	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
*.seteventshowroom.com Amazon RSA 2048 M02	`2023-11-28` - `2024-12-26`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://afkaralkhalij.net/news9260.html
Frame ID: D549F9CEE305DA9877B00228B0A1369B
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 098A04AF35522925228028E04B37478D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&adk=1812271804&adf=1573534164&lmt=1707084640&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639491&bpp=8&bdt=481&idt=442&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8487466843469&frm=20&pv=2&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=557
Frame ID: 5004428CD5414CA64FF8ACFF6DBC263B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7149099761&adk=3278687367&adf=683863926&pi=t.ma~as.7149099761&w=490&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=490x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639499&bpp=3&bdt=488&idt=556&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=581
Frame ID: C687DB1A48F0CF21FBCB4409E0B5FDC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595
Frame ID: ACE7C3B6CA8C7585F8934AFA51ED500C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4931798834&adk=1839784704&adf=4283947098&pi=t.ma~as.4931798834&w=470&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639504&bpp=1&bdt=493&idt=614&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=627
Frame ID: 2FB98B3204E36B268CB81DF752B7EDF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4760392536&adk=3243116924&adf=2701836336&pi=t.ma~as.4760392536&w=444&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=444x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639505&bpp=1&bdt=495&idt=647&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280%2C470x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=654
Frame ID: BF9DE176EE8A4AD8CD349DEEB3C4F579
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrYRBCrj9LWAhiauvuDAjAB&v=APEucNUULSSZ8N5XHJFHfHOMYQ2-b0omUS3yiNwKqEga625KJRjEwciEGUUJvVJ_NAqMzXhTyYZj7QwadAkDjPgAmBJySHpDpg
Frame ID: 1BE2F51F2807A99CEB728F2EF0490877
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9DFADD2ED56B389922B75001DF70F448
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnoyAIQ2OLLAhiS65uAAjAB&v=APEucNXzJ7qeW3VX9VPTVwgAM1xpWzWWSD6TtO9dqyhzDNZ5c9vhjDe2FXO7Hu4d65jz4EWZzlDuSN_UKOZEsMSFW5huxGFJXw
Frame ID: DB3CB6485CE12F7995292117172BFFC8
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvbm.js
Frame ID: 8CD329541C8C75793E15A9798AD24883
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1362911606480008&output=html&h=280&adk=1626564692&adf=333044141&pi=t.aa~a.2072042287~rp.1&w=470&fwrn=4&fwrnh=100&lmt=1707084641&rafmt=1&to=qs&pwprc=8411997553&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084640766&bpp=2&bdt=1756&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c874747d4a759b1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g&gpic=UID%3D00000a0b6f87e300%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA&eo_id_str=ID%3D51c6cacc3a7e2ad1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DAA-Afjb8G9s-xFgzNE7EHffo7m2T&prev_fmts=0x0%2C490x280%2C434x280%2C470x280%2C444x280&nras=2&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=519
Frame ID: C2FF44AAAAF9BCF20796FC4C2BDF990D
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 9421359F4F32A36780E58A78504101EB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9E85B3B991E019DF4A6B46881D4B366B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A8F08A43B15F2FEC75F0B922EA9D1541
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
Frame ID: A9DAB8AC3ED46050A4F0E47D0DF4664A
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Frame ID: 7FD674170CF778B386FC0A1AC72C1894
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 254E94F62DED6AB4709EAC0FEB71D7DF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: CE933EF5E10B70603042EDC380795FDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3A5EC60A7FCADEDBC27BD6C1B634D6D7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F69A14CFF25152A1DF0092EEF4806C0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB63D134B5F1107E6FAB223986385477
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4E43E2D5D3F5590F229646A0D679ADF5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

الاستعلام عن تأشيرة السعودية برقم الجواز إنجاز منصة التأشيرات الإلكترونية وزارة الخارجية

Page URL History Show full URLs

http://afkaralkhalij.net/news9260.html HTTP 301
https://afkaralkhalij.net/news9260.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

181
Requests

91 %
HTTPS

62 %
IPv6

26
Domains

40
Subdomains

32
IPs

3
Countries

3446 kB
Transfer

40136 kB
Size

32
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?text=%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85%20%D8%B9%D9%86%20%D8%AA%D8%A3%D8%B4%D9%8A%D8%B1%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%D8%A8%D8%B1%D9%82%D9%85%20%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%B2%20%D8%A5%D9%86%D8%AC%D8%A7%D8%B2%20%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D8%AA%D8%A3%D8%B4%D9%8A%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%88%D8%B2%D8%A7%D8%B1%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9&url=https://afkaralkhalij.net/news9260.html

Search URL Search Domain Scan URL

URL: https://skyalsaudia.com/news4108536.html
Title: نجم النصر السعودي تسبب في اعتزالي!! حديث لاعب ريال مدريد الأسبق يثير الجدل عن الدون

Search URL Search Domain Scan URL

URL: https://alhadathalkhaliji.com/news450499.html
Title: كيفية استقدام العمالة المنزلية عبر منصة مساند بالخطوات وأهم الشروط المطلوبة

Search URL Search Domain Scan URL

URL: https://alhadathalkhaliji.com/news450498.html
Title: كيفية إلغاء تذكرة رحلة الخطوط الجوية السعودية واسترداد قيمة التذكرة إلكترونيًا

Search URL Search Domain Scan URL

URL: https://visa.mofa.gov.sa/VisaPerson/GetApplicantData
Title: من هنا

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://afkaralkhalij.net/news9260.html HTTP 301
https://afkaralkhalij.net/news9260.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

Request Chain 38

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcALYOI15HBdlQtuvVCfrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

Request Chain 40

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcALYOI15HBdlQtuvVCfrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

Request Chain 68

https://redirector.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=97F031D6BE363CD096D114EED608BCB9C40F9C25.606613CD28873DB53F3D29350AFCDE14092DA7EC&key=ck2 HTTP 302
https://r2---sn-q4flrnl7.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1A9EC518AB6C2C9317C9A51508EB38B364F94DF7.1E84F54C818A8222071D95E1AF65545DAC9E0B77&key=cms1&cms_redirect=yes&mh=2C&mip=2001:550:1d05:1::11&mm=28&mn=sn-q4flrnl7&ms=nvh&mt=1707084259&mv=m&mvi=2&pl=48

Request Chain 86

https://googleads.g.doubleclick.net/pagead/adview?ai=ClsNAYAvAZaisDpaE3rsP6bWegAveu9Ladbb6nJOsEp6XmM3KARABIO-RhBNgyYaAgNyjxBCgAd3wqsAqyAEJqAMByAPLBKoEjAJP0C3ruyYs0eF4H3wnUrycIHXxm2wST7POJyDaqvK9-4Fs2W-uVKlk4G4VtCABuj55t_TA_LqLhZa4_q64EqHu5DB9l79QBu8C3U5o-urK7PuF_QeuOCt9FURU6sN4rLIpfZYUrv5E8Kfrr0Hjy5dlZLd-1FFYmMGZMkryaE2jQkhezs9nUrpqFWOGFF2rh-5YiJzFmU7pO5pPQggdwDD615XtTOBZo144Az1nccNWY6tTS4MSc-mmDeyJA8LPYHaE2CdiQwWpqEQtONAnIOljPWdrpqvqYxjadYNfGT4NwFKETAVFLiN93-T-J_BVg4XTXkbf3himA3eY40YanWZYSBJHat_y-ZaVpl95wASqw_KP0wSIBeiKg9pNkgUECAQYAZIFBAgFGASgBi6AB92o-58FqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgsoS0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj-h9Ts2ZKEA5oJjgFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZFBhZ2UuaHRtbD9jYW1wYWlnbl9pZD0yMDg1ODMyNDMyOCZhZGdyb3VwX2lkPTE1OTc1MjQyOTk5NCZwbGFjZW1lbnRfaWQ9YWZrYXJhbGtoYWxpai5uZXQmY3JlYXRpdmVfaWQ9Njg0NjYzNTk5NzQxgAoByAsB2gwRCgsQkLPRl8645M-dARICAQO4E5wb2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTEzNjI5MTE2MDY0ODAwMDgYAA&sigh=c2faI8GhLOU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_Dw-EdFcZajSecme8Z_UD8q2HLExYIiAalF8RSOZjNED8ON4i72mBS8xAc9urlLKANlu43nZtQ2TMtCu1qJVlBhslr7MKECeBvAIYAQ&template_id=3484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb395e524f2dbb350000000000000000%22,%222%22:%220xa95ed8656864677b0000000000000000%22,%223%22:%220xb46d556a439680b00000000000000000%22,%224%22:%220xf57e7d26dae8178a0000000000000000%22,%225%22:%220x5ff86dbbb02f48020000000000000000%22},%22debug_key%22:%221465110366447932924%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22303512494926460321%22}&andc=true

Request Chain 115

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_cver=1&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKWINo-Rd3XPecZxzz5X-9x9_HTf8rDMYfJjbzVIy_XS7kSxMtM HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=a7fb86c4e620415&is_secure=true&networkId=14000&version=1&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_cver=1&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKWINo-Rd3XPecZxzz5X-9x9_HTf8rDMYfJjbzVIy_XS7kSxMtM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABvNN93cGVrAN8fFosAAAAAAA&expiration=1707171042&google_cver=1&is_secure=true&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKWINo-Rd3XPecZxzz5X-9x9_HTf8rDMYfJjbzVIy_XS7kSxMtM

Request Chain 116

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCztcZi95cKq19mMLgFpPkCpE9uo6ubH3v0AZCDOs5AbQ8pzF-wzgI54n6OoZ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCztcZi95cKq19mMLgFpPkCpE9uo6ubH3v0AZCDOs5AbQ8pzF-wzgI54n6OoZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkFyMllTSHkxUndLSGc1&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCztcZi95cKq19mMLgFpPkCpE9uo6ubH3v0AZCDOs5AbQ8pzF-wzgI54n6OoZ

Request Chain 117

https://um.simpli.fi/gp_match?google_gid=CAESEBeekySsUod3ejSLVicfMwA&google_cver=1&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUIXj2zWGs8-ZBLO5Q0Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8CE9E339271458FA34B23EF8E70D51E&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUIXj2zWGs8-ZBLO5Q0Z

Request Chain 118

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM4C9O3eKVq4KtCbJV4rf3M&google_cver=1&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6DaQ1Vjh0kBfT9XV4O15ZL65UQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM4C9O3eKVq4KtCbJV4rf3M&google_cver=1&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6DaQ1Vjh0kBfT9XV4O15ZL65UQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMDg5OTA4NjQ1NzI4MjIwNw&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6DaQ1Vjh0kBfT9XV4O15ZL65UQ

Request Chain 119

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPnHzRaxu-tLASQcBqls42s&google_cver=1&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS8CGodZU5hmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS8CGodZU5hmw&google_hm=MjM2MjYwMDQ0NzQ3OTYzODg0OQ==

Request Chain 121

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEISBJyihwd4Uq7pvuEq-vcc&google_cver=1&google_push=AXcoOmQDoQDPT3DsYKsrfKezJw6aQTMT4Ff7CZzy_5kTXjlkB_EM49L9nzuQj_zb18JrI_g8jtT7frQOIDGmAvsUAKCoXJ6MzCFNLtdzgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZmZjZGFiNDgtZWNkZi00MTQ1LWE4ZjgtZDA1Nzg2YmFlYjVh&google_push=AXcoOmQDoQDPT3DsYKsrfKezJw6aQTMT4Ff7CZzy_5kTXjlkB_EM49L9nzuQj_zb18JrI_g8jtT7frQOIDGmAvsUAKCoXJ6MzCFNLtdzgQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 126

https://gcdn.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4C888B3DA10E21894BAAC0905EBA7D0F6A2D923.49734D9411664D0E44D0A92AFA737ED619C7DB57/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E65A63DFC9165E5D685B055CA68421697C4F83E.0631764C397F00DECE39558D2C40B2BE5AF3FE2F/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::11/mm/42/mn/sn-q4flrnek/ms/onc/mt/1707083622/mv/u/mvi/3/pl/48/file/file.mp4

181 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request news9260.html Show response
afkaralkhalij.net/
Redirect Chain

http://afkaralkhalij.net/news9260.html
https://afkaralkhalij.net/news9260.html

47 KB
8 KB

239ms
141ms

Document
text/html

2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe694e450f2d0ee8030a41b20b9438ba141f71e1c62369856d41876607cd065a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85063eb0fabb31ce-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Feb 2024 22:10:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EvEnwhV%2Bj5higH1%2FL2MgmUPcj2mH3KUaErP1wQ8D4MhCGtjuwWDtYo4QdEeh4gBAfCUl6l6XoNbxaFgzImt%2BlAjqYrQxyMjOhUsujWTeD0gBu9sv29JXH%2B34WPUCXuLJxDPBysUt3kyMWAxK3QP6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 85063eafd9ee747b-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 04 Feb 2024 22:10:38 GMT
Expires: Sun, 04 Feb 2024 23:10:38 GMT
Location: https://afkaralkhalij.net/news9260.html
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTRuWO82M6r%2FEQU9xYBcaULYN7VGPphHJdeuxVsDi4yS6f9TQXYzSDILGJDdu7EYwtg3oIRnSTfbxKaTSBbFUhhR%2BobP%2Bk9%2BbAlKpK%2BSrsdfTS06X2Hs6y38l3suYAyeWhP4f6howiTmzOW114kOEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 326ms
90ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1362911606480008

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb16a4f2068af11558e6f4623e72e4cd345ad83cf533fa93329e6191a94a95db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Origin: https://afkaralkhalij.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51574
x-xss-protection: 0
server: cafe
etag: 13302453566759220881
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 04 Feb 2024 22:10:39 GMT

GET
H2 200 IBMPlexArabic-Medium.ttf
afkaralkhalij.net/fonts/ 237 KB
101 KB 141ms
85ms Font
font/ttf 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://afkaralkhalij.net/fonts/IBMPlexArabic-Medium.ttf
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae5309ec9b3c7fd42a94fbb41f7c07ac4429f6261d21a5e430da2d98ff9144d

Request headers

Referer: https://afkaralkhalij.net/news9260.html
Origin: https://afkaralkhalij.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 11:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3166
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B5AFLpc7AvMCIaCeTQ0XHccSH6SM8QJaJlRnPEHtTl6KXw1SwjYbb4qODWGcPa9h0PCWuEKjb1%2Bizf9Pd%2FjNkCmW7ZqG5a7vfR9YEM%2BV6OixXARhy%2BMrMy3V8OK5ZWKeJQ8Zti%2F%2BT3i%2B6HAmRJFbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=16070400
cf-ray: 85063eb23cef31ce-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 IBMPlexArabic-Bold.ttf
afkaralkhalij.net/fonts/ 242 KB
99 KB 107ms
52ms Font
font/ttf 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://afkaralkhalij.net/fonts/IBMPlexArabic-Bold.ttf
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874dbba26924377cea9ca22d38f864df42ffa574e4bd958938082bccc589fddf

Request headers

Referer: https://afkaralkhalij.net/news9260.html
Origin: https://afkaralkhalij.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 11:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3166
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=digcQGTHt%2BkXh3tSVjCpAb2KvrzC6f%2BWWunQlspuF%2FFo0mgkAkyhytL0B1NhE6Y%2FPBwYcs69gpv8T1k%2BvTApI%2Ff7UFDjTjlUX9HFq82hFp41aKoaq2bhNWnl96dTOorYDHhlr1eD9ZDR5ts4a%2BOrXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=16070400
cf-ray: 85063eb23cf031ce-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
afkaralkhalij.net/images/ 13 KB
14 KB 106ms
51ms Image
image/png 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afkaralkhalij.net/images/logo.png
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2278ea11a0b0ce6e5b4b911b50312038095b6aa8b9664ba7ede8ce4e20dcd098

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/news9260.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 09:36:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3166
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzeEhczxTWL3%2F5oa61edBjkwSPQNjbay6i8YnTkYXaVzbyQVCP4Of7JukTyidXpymEbDDcs6uUSwZgfL7TF051FwlFrygZAGbYwzb2OL7Ejv6HQ31aTyJ4Boeze6Dd2gxJSOH0hPyPRqtCsDPWXaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 85063eb23cf131ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 13798

GET
H2 200 01-01-24-321327944.webp
afkaralkhalij.net/user_images/news/ 19 KB
19 KB 247ms
153ms Image
image/webp 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afkaralkhalij.net/user_images/news/01-01-24-321327944.webp
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4bd75c2ba6a30e81bdea661fdaf82a77d616ef1924cf314981854dcb577d906

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/news9260.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Jan 2024 09:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmsR1oSJwM%2B00%2Blf7RFf13APmXX%2FTS5kTmNBbWVvu2eX7z8926wGaTq8Tzy3WOxilgrnhqYYDUkKtR5joYSTBU5fg%2F7nxIIr0bbCUbebeJi2D0RQoThW9TxzT3gP505JCuoMKl0eFDHNsVVVu8v9rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 85063eb2ee3931ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 19604

GET
H2 200 twitter.png
afkaralkhalij.net/images/ 2 KB
2 KB 146ms
52ms Image
image/png 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afkaralkhalij.net/images/twitter.png
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf83ab5ae86e50549ba36b548d34b733e5513faba5c5ebaef27495aae63e7b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/news9260.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 01:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3166
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ4AxcAEl2JYcM8FKLoO5cdliIbdR4C%2FheonPwBk72EjmQ4TU2cQajkjpUdDm5SQT%2FvJMLPNC1xwoDvTJ35w6nOjLx%2FKAOGBOAnjSdYsjL9JwzpuTZ1tNhyJjwx%2FayBG8UNOsZIieyGqCz9H4ic4rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 85063eb2ee3e31ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1718

GET
H2 200 image-20231217152411-1.png
afkaralkhalij.net/user_images/news/ 204 KB
205 KB 297ms
205ms Image
image/png 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afkaralkhalij.net/user_images/news/image-20231217152411-1.png
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448998c350e5f8354df0cae3c548f04be742ad79ee6e94f2c9cb99f8e081a8cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/news9260.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 13:24:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m83nD0ndvfG%2FUu9I%2Bd1cptntly1WgpiSIvGea8TpCg1ymBveoRpeRDX9Qg1QrMgd%2BB7lkDJwTEs6SxMObVR73HYmx2lciFlYBNzNh6GCc7J7moRvOzrXJTPgwTAoxlegb22l1yOq8SOEf3H47h4XFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 85063eb2ee4131ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 209108

GET
H2 200 image-20231217152411-2.png
afkaralkhalij.net/user_images/news/ 63 KB
63 KB 307ms
215ms Image
image/png 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afkaralkhalij.net/user_images/news/image-20231217152411-2.png
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0324ab26d45716447cdae9b1b92d6624aa401d795b2e67184288c8472bcef7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/news9260.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 13:24:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUPu6JY1H2mcWlXhoQamq%2BNCXe4ej7C5%2FmRgCp8TxfiFtSCol9BuZuqcJ6ZBm7FYC8p1Cq3bk%2FGtjVwXlkzBya7dSt3noLF1OOx7LjTEnqc%2Fu00h6Y6yCyVDGluw5aJAD7Z5Q5gYTnAO57xCyrVd7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 85063eb2ee4231ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 64093

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 277ms
86ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZECV0LCVML

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15750b91c738ba7862b88ebaf125e157c32182b073637c35ee1525a9fae2b20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 22:10:39 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 266ms
117ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1362911606480008

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c7728701329a1afd92478438430418ea270f685a582b3e08a77d1a1caab38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140876
x-xss-protection: 0
server: cafe
etag: 14324454074583865427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:39 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame 098A 9 KB
5 KB 220ms
66ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1362911606480008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 20:08:54 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 20:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 266ms
78ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZECV0LCVML&gtm=45je41v0v9134269432za200&_p=1707084639246&gcd=11l1l1l1l1&npa=0&dma=0&cid=804276535.1707084640&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707084639&sct=1&seg=0&dl=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&dt=%D8%A7%D9%84%D8%A7%D8%B3%D8%AA%D8%B9%D9%84%D8%A7%D9%85%20%D8%B9%D9%86%20%D8%AA%D8%A3%D8%B4%D9%8A%D8%B1%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9%20%D8%A8%D8%B1%D9%82%D9%85%20%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%B2%20%D8%A5%D9%86%D8%AC%D8%A7%D8%B2%20%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D8%AA%D8%A3%D8%B4%D9%8A%D8%B1%D8%A7%D8%AA%20%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%88%D8%B2%D8%A7%D8%B1%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B1%D8%AC%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1167
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZECV0LCVML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://afkaralkhalij.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5004 143 KB
36 KB 434ms
429ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&adk=1812271804&adf=1573534164&lmt=1707084640&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~11&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639491&bpp=8&bdt=481&idt=442&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8487466843469&frm=20&pv=2&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

588d9fc04b31b5dc8356f39a0c20d639267b2b4135cc87aaf95badb6b047fb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C687 29 KB
12 KB 477ms
476ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7149099761&adk=3278687367&adf=683863926&pi=t.ma~as.7149099761&w=490&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=490x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639499&bpp=3&bdt=488&idt=556&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f83c550cae34b97b3014e919ec59ee6455a83c2b5ab67f5dec7ec66e08b3d80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12054
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ACE7 126 KB
48 KB 774ms
773ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8370993ead11fdd699484f234fc93f2629665cf5ea5dd3ef67528b609013e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48997
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2FB9 865 B
635 B 348ms
346ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4931798834&adk=1839784704&adf=4283947098&pi=t.ma~as.4931798834&w=470&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639504&bpp=1&bdt=493&idt=614&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=627

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e32d8009559a296d9123d03dfd6c46c106f9d3da1ca3abb468fff80a332dcf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF9D 167 KB
49 KB 447ms
447ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4760392536&adk=3243116924&adf=2701836336&pi=t.ma~as.4760392536&w=444&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=444x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639505&bpp=1&bdt=495&idt=647&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280%2C470x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c61bd05cc1f2cbb1c102fd7faf383bbb9ef4cc8c412fc7e5f339cf971e87b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50160
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 165 KB
56 KB 114ms
104ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00162fa3e3933971d043cbcf21e8449ae979b15a26392980801940771c4772c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57032
x-xss-protection: 0
server: cafe
etag: 2013768662832003969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:40 GMT

GET
H2 200 ca-pub-1362911606480008 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 292ms
111ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1362911606480008?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73dd5e07aef0497f58286ff3139a23e5f3d7b9dfcdb5416647def5152b69ce3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UdaXB2l99f-3808o6ckAPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-UdaXB2l99f-3808o6ckAPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLheDCtYR2bwInln-cyAwCBvlPE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BE2 624 B
246 B 96ms
94ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrYRBCrj9LWAhiauvuDAjAB&v=APEucNUULSSZ8N5XHJFHfHOMYQ2-b0omUS3yiNwKqEga625KJRjEwciEGUUJvVJ_NAqMzXhTyYZj7QwadAkDjPgAmBJySHpDpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7149099761&adk=3278687367&adf=683863926&pi=t.ma~as.7149099761&w=490&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=490x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639499&bpp=3&bdt=488&idt=556&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=581

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7149099761&adk=3278687367&adf=683863926&pi=t.ma~as.7149099761&w=490&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=490x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639499&bpp=3&bdt=488&idt=556&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=581
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:40 GMT
expires: Sun, 04 Feb 2024 22:10:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9DFA 93 KB
33 KB 109ms
105ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:40 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9DFA 18 KB
8 KB 206ms
62ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 04 Feb 2024 22:16:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 9DFA 3 KB
1 KB 241ms
81ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 9DFA 20 KB
9 KB 222ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9DFA 205 KB
62 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 21:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63267
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:29:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DFA 42 B
63 B 103ms
101ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZBFdLo7xWmT4GPlMwFF2dSkbYy_5pHUtT5BFBiFuXB-n7pz69fNkrYQvMFgP30oTzwVIvxFhIy-3VI5TsyDeik8m9mjWHCCGzX0Ykdi6wuRURK1c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame BF9D 9 KB
5 KB 212ms
64ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4760392536&adk=3243116924&adf=2701836336&pi=t.ma~as.4760392536&w=444&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=444x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639505&bpp=1&bdt=495&idt=647&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280%2C470x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:11:58 GMT

GET
H2 200 76b55318f38568e647e781cd595cf10f.js Show response
www.gstatic.com/mysidia/ Frame BF9D 147 KB
54 KB 213ms
66ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/76b55318f38568e647e781cd595cf10f.js?tag=video_mra/web_raspberry_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa22ba0a74aea1fc70a975f9366d22491d504c3aa25c40e0bbd7cabaaa5ba2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54951
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:30:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BF9D 14 KB
1 KB 223ms
82ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 21:43:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 22:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BF9D 21 KB
2 KB 221ms
81ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 21:40:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 22:10:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame BF9D 2 KB
876 B 72ms
68ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame BF9D 23 KB
9 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:45:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame BF9D 3 KB
1 KB 78ms
76ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame BF9D 67 B
197 B 224ms
80ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:56:49 GMT
x-content-type-options: nosniff
server: cafe
age: 58431
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Mon, 05 Feb 2024 05:56:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame BF9D 20 KB
8 KB 214ms
70ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF9D 205 KB
65 KB 116ms
112ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:40 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame BF9D 37 KB
15 KB 77ms
75ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 May 2024 09:20:29 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

43 B
774 B

257ms
253ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrYRBCrj9LWAhiauvuDAjAB&v=APEucNUULSSZ8N5XHJFHfHOMYQ2-b0omUS3yiNwKqEga625KJRjEwciEGUUJvVJ_NAqMzXhTyYZj7QwadAkDjPgAmBJySHpDpg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn13FBaU8pC%2F%2FZYsYYIPn%2ByL6cT%2BDxWBO6Klnxbc3sKnmir13hK8tppa2jQuwAkCce%2BMlgSnC9L%2FUq7K0nTjTbMaprRx2F2c7gBYXZZ%2BqvR6zLa5qGNo7WO3haD4V1KfQZqKVX0Co1FP%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85063ebeef97224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1BE2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcALYOI15HBdlQtuvVCfrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

43 B
733 B

84ms
83ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrYRBCrj9LWAhiauvuDAjAB&v=APEucNUULSSZ8N5XHJFHfHOMYQ2-b0omUS3yiNwKqEga625KJRjEwciEGUUJvVJ_NAqMzXhTyYZj7QwadAkDjPgAmBJySHpDpg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTxJ9gmCqzjlugvXDrkpaeNo3KB4%2B7dfSUNQoLRorCU0SWdPXeXcRynKg5a9vfUjK0OhXydHLsRraq5vykjDK3cGdRvdQzGDOQqrjO81SybMPz0m%2ByHex%2Bu3ij5eAzVkG0CFWUvks6RVew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85063ec0eaa5224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1BE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

43 B
1 KB

74ms
67ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrYRBCrj9LWAhiauvuDAjAB&v=APEucNUULSSZ8N5XHJFHfHOMYQ2-b0omUS3yiNwKqEga625KJRjEwciEGUUJvVJ_NAqMzXhTyYZj7QwadAkDjPgAmBJySHpDpg

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
an-x-request-uuid: 2c787474-51f1-4d90-966a-2cb06832c278
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BE2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

170 B
243 B

99ms
97ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
an-x-request-uuid: f1499ed6-fb86-48e5-9ed5-d4861ae3aed6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DFA 0
20 B 104ms
101ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3739918579490&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DFA 0
20 B 101ms
100ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3739918579490&version=m202401290101&ct=77&x=1&cor=16229697345826064000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9DFA 20 KB
13 KB 120ms
119ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8QILjN8VwUVWP72sAIaqraJ3ngdBMPvfabzvX85VjWZlH3dWZ3JidQd-oUJtqzzi6ksS8-vxD65-4OuMFXEnG9QeZTRkzJdWwSkUUdKCaz6E1A8DdYuLPlPQC5N6DGBI3lR0Ef8GoJYn_7TIS2G03hUbfOVHbziA0eqHw8zslUYXvX7Y&cry=1&dbm_d=AKAmf-AqRCO2T8uwBxDwcy1ZrApBq3OEhWsXns0jgulddhlQsnC_MGd0BjvTL5BFaW96R8eHbw3Z-7b-G7HLHFZSKN6jVNCCxH3XwClJJQQ5WzrHmQ7yusfKKWtdaaykaq_OGQvjhNYZnY894Ah4Ciupc30_OMUsiVnD5wNhXHCOMurKX5cBr2Wh4xxx4OOGVcj0bET7SOGi9vNGOvuXX4ib7FMqo5Yp_JgCvDRkbZ1I_GnBFY35_9kYDTr3x8oDm49-bUuV8k7NnIoA-dCuoYGFXS-CI38-NXIsHdRvrmF7HWudWYtf4cG5rHXyUDfHnc0NIGf_qWX8bKXIn3R0AZgtwDS-iVytiHVWesyjaEWx4KjtM0l7K_GhuPPPtVwd08FfhkV_xEPq5iwREDqLsLgALLYtnbfBF_scV6qmDKjyisJVEiwKlzqD2JH8HrVOKseMaFUQcAjEulW5diBJjANoBaGe6LOnwUk7ao8TUfGVIxR_xICIGcl-gBG2vqDQ0AdoEZ57XTVLcbs3V-r3zf12LtKDDUAUMmxFd9AwgYUUccaL56bDLO9CJ0ZbMaWAJJ15cVZoFw9Qm9A49TlTdt26X1uWzPLXn2r7RObitFklkCR7O9aJNQDvOgel5BTdkc25BmV204icpmb3Dyzs9fMoNjjcz4gZDqYsuRs9MXIbF5uc3z2-0cjCzInfxjcYRW1pcg34HV2gxbkQQYB-WkBhy6jWKL1qPzRCS015-k1krwg3q19DgGnH9E9vBs__UiA1GFwLBRaeSiX02LkgjKvd99e-2JwxNblSJXWj9z_TQ7h_xInWT4_xB51Fvt23V78zqf1Av8DxdsmTTIGUPk9bTetYEAv0hkzkwWMDBhJMgPgSO25_BfAyVbOsdQXXMiEN19rtyBF1Nnk1D0NjgWVD_QmJjMmtgqHgJTxDDvkTUhg7JBkCXXSY7YPYBTr71m9f1vTN95XQXBl8m54P3hqzNzMoiQrk5AjP7rEPmfBEdTT0CL2eideYcPoLtyaBgUmWxlf7dwmYAo1k4fW0Fa9WCh9jtC1d2x52vNUQd80p3TD5Ln3CpAOjXSoF2qL22wQbyqAxOECadjLiT-B0wOmT4Scoe2CKlpRAppDtHv6f_HCxFBrgHSOzZ407hdmf-vGDgXMfv4czGqu8xigI3lI2YiwF5v48FeaMbzxVxYOWxQh3hKgRiA-GLyBBiQ_8MPVJeey-oOhZgatGn7IT_CmcwA2s6t7skBp66EZ1UPJL9CYEu3CW93Mrai6tlfV3zrViw9Iil59SVfW-P-qdZjWKnZS1yTkKhQLJbreLEN1GKreC3luDS2bYTg_Ti9TF45NnUWCb5nV8iL6hpR-PMeP60QwJ7SbK0oFhyTqJ2owBrk3-ryBTIQlJ1F77koq98a2v-eA94SMm-avY_3fY7j6253dLntTUzO1uko2EEygQKnFhMGv_Y8hkIwnOuEx34W5DVPt0N3lRKzDany3odhn9z8ZcqwSKPj_v_vUdpIut4PQOBgPR4BkiqcDuT9Q2NDX5X7ajWimISTyUHTjfwF3UCWd4ky06W_S2coU63Lzkldpii_JVrJ1Oy8bC5L1uep0mX7ce1J2aNodepqLnS0rrmEAhwfBPMgISpbjKnhp7_uapCJow-6z6quqTF06HHLRZsufTA9wY1kHaUTjXPWQuCVM8aoxs5cfKWT-b631gXbWhOgzWuQQLscNEwuTwdCFgAJSf9548pvZm_CV_dZa3-VJDbQybbPeHOcTgJox4mNSVJoo1cn0jcHIiHxpkkN5dNnKKrZ6o1BetbVtZnfYUY2b_RAF5y17HbR_zmqK2J5h4aSZRCrShprmmFn-l4kpWit2k1UI3YjctJrpXuhqMn-gbK-4ghxxI_KVx8BazXy17nBxV15M9LUqCGZOjr53XTBTY2ncNa8zVd5EuE6GDi8cWUgL9O8M09XCTaGSw195Rq0unjMPOGd20-07x_0tdvWZp3h2-IZ1LT_DhDFwUKQ2pc2dLaxro3Iru7ytwXCncjbqzoxctzjQZcQeqSEFyvnI8p70ZpSW_oIA13OY7gvZ7Bx_e7udlPBIgppk399EFJgHyqu5U0r9fuq8DKXb93nJBobH2iJjE05pF2B6Qe7C472Q-GmwVlyCXsK1kJ2jKbidyIbMkW40BKbO2-iy2ItwJNleYT9QnQDNSQx6c8nk6OOJNHbYd6kipc3Es5Mvu1PW3Qeo6zCPI-m0XnGXtQH2PbEsjX5ip6imVOHVEudjAeQm98h4CSayAyJlfp2wWC7L_h4pPyl8llo53UfEgzaVfsAfDh1LO4DNLW00mLUnYzW2SNdzEjOw-EOFWg0uFIRDJJE_wd8WnoN7yncLiM1MY98u8ptdU9FL_pbrzozEuIsdWrhJyORVDMsCXbJdmNtR6rUFIb8DvnBCe2Hg8eeErrct6UIVFGRwEUtSl_5kpRBKBq1wSlzc0U1SviP97lVRCCmOxNySC8L6lLdUHFOoyDRHfqeo9BnbKpgX-adUoi0xO1i-K3CWREhTFwnCCKIZitCifyKtZH37FFz9vQEf4QJxqE9Xlm_RHmpGRQNljV8BTAIUwOeeCcLbIh2Zi3NGCf-vYLmXeXgRtTxsRkCVZVUptdy6DuC4-cnHnESz5y1zffyVsIsFdDjRHh9QiohNDY82FIvyC6eIr_zXsE7_SFcEF_NIdYOruunkyh-Dj6m7e7LHEfM_RC_HgXSHj3XMUwoCJPPZOakpsx1B3CBXP4cERbCdWvfMw_MtMVxQdYDw8iHczx6ckCHK_SiCzCFl7g_tcrop3m1GdUacEvVZqdeAu0I_kV4lKG2qTH3Grg91Fg5swbXo_KzF58ALMLejcnUxny0MdC4K8oIsiGmLuCyy5ozSmtTVQVXg1qUK5aZBYB9kzHIE2kWFGOPvxHrNjge5jWA2sCrFiV81I_pb4h-SdtID-C9iBbTckVH0n3RMzp59r__7qDQsi-aby-r1-cTcsdIKn4Z6QiDBySI0ymcmp0DpFY6DNoUkfW0KpJyIif4XqsMioH0ScKxAJLCqmQxcf2R1RVp6pR3HANRVjRAG-6HtEHB8c0PO5-27QN3QMc_eX2WO57VRQ7AS2xdRWXlbv0m_tuHGmGUqeevpKmyQC6p0DunvWLhCCKgd-RA9cSHvEnJjsrirs8j5v8d4P67YUQ6WUk5_p0uI0DZi-Gci48yhNxXDHVA-8WaT1Ahy0eKuQZVSNJ86zIuFtq_zUcJ48kHp9KiJv0tki1fXaiuwtMTcod-Wqn1Xp5RW_cMOVz32-WUn4qa1LIVZnnWABV7N30_Uw4GSna6Udo7K6o9b5is8ljl9-1PeO1wEkvRLo5Pb85zoclOGnG_klwtPHlICvNTcupScYI16AsWCiqQ3xMJ-a-9AHv44NtLGVvwfO-pr4869aHpoFVwBp6xmYEQB4mUzkiINfhhGoFUa_2xgUSyy2YTX8DJSWOJknxd_ngePiHlo77UgmvaSsl73JbkUBl8_FClgLtn8xeCjBeZ41CJjN5AfpxPY-POLiQaEQBkwcjo6KUsLWAoThTmPrgVbhckR0Cvx0vOT-P6WH3X4PthBHKy54R5H4tjyaQAw75NTmNtXqSXVM5OINjVco9mfmjkNmwJX3PgjO0TiSsdmulUztMAX04EPAV5WChVKyHn79mScUVERykXRlojDHnuH87wG33DOhLop0w6GVarf-I4pmCVB-4JSanqo6F2Mb1F3r8KBACZDmrICf_d5_2hgZM_OjPaSmlyLfQe78PO0LEkc8SomSkiB_4zFwHjRkWCQl0FXVmma_HEB9iIpx8eZ3jkbiEiaawwiMbwAHgmDrRjA0qB8BjvltGwV7kQtrBhpIPwFTtv4PJr84yJJIzuav6NRxUudTgVssdXGJDKX2tHshAx8Jvat3zZvbK8xjfVeyRA60aGy2qQNn-Cz3haILG912nxGXSVZPH_PD8Oekmi_M7o6iLmvQ3yjeof55nMrVkAHPZrl-x0HIqTiazYcmellsC6Q8jD-bC4xPPKqBAkCUA0cpgS0cLVsj60BNSHEksPH2vDI_j6u-Mue_qzozQseYqJ2iRJimOohvYk19HVQ4ZCvtNSJJe9ddYHRJ7BDuvFqNy6mXLTlNCxKchKSP2Mx3IlJeweuTna-XJhfA&cid=CAQSTgAvHhf_jLvaRB9ojAdLOhb8LfMjFBjvi9tlj0ibcebOioxGSen3DZ504155EonpvDVGNMMTj_FK2aER-BxfqaUXwyyq_rXgc1KGZTzXuRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fafkaralkhalij.net%2F&ds=l&xdt=1&iif=1&cor=16229697345826064000&adk=2124396031&idt=121&cac=0&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fea1e47b2b2b3c332efbd702e3622d9335aa55bdf49e80cc9b94bfbe8f1882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7149099761&adk=3278687367&adf=683863926&pi=t.ma~as.7149099761&w=490&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=490x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639499&bpp=3&bdt=488&idt=556&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=581
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13527
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DB3C 624 B
245 B 124ms
90ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnoyAIQ2OLLAhiS65uAAjAB&v=APEucNXzJ7qeW3VX9VPTVwgAM1xpWzWWSD6TtO9dqyhzDNZ5c9vhjDe2FXO7Hu4d65jz4EWZzlDuSN_UKOZEsMSFW5huxGFJXw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:41 GMT
expires: Sun, 04 Feb 2024 22:10:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbm.js Show response
cdn.doubleverify.com/ Frame 8CD3 421 KB
101 KB 359ms
73ms Script
application/javascript 2600:141b:1c00:f::172c:c9da
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbm.js
Requested by: Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9da Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4bbd30439575c4c1ec03fe85c7a3ccb592b6d67e52a6ba7d57d35846577f3822

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Sun, 04 Feb 2024 22:10:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Jan 2024 16:03:33 GMT
Server: UploadServer
ETag: "65e2cd34decec24874dc209f3313cb2f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103337
Expires: Sun, 04 Feb 2024 22:25:41 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8CD3 111 KB
39 KB 226ms
65ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 14:11:17 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 8CD3 8 KB
3 KB 93ms
93ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:08:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 8CD3 23 KB
9 KB 85ms
82ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 09:12:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CD3 41 KB
14 KB 76ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:17:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 8CD3 3 KB
1 KB 87ms
75ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 8CD3 20 KB
8 KB 89ms
75ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CD3 205 KB
65 KB 136ms
122ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD3 42 B
63 B 102ms
99ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiWCHfcdcwpwt704yMfhdlBh2-zxSOzCLcfzUE2DHu3RL2bG7CfVlFoUieX0UfAIOfS89ens3jFVDii7iSEj63PF5G6d_9dUdMwK303fGXXjTYo0w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame BF9D 3 KB
3 KB 90ms
86ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:08:38 GMT
date: Thu, 01 Feb 2024 09:08:38 GMT
x-content-type-options: nosniff
age: 306123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BF9D 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9DFA 41 KB
14 KB 84ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8QILjN8VwUVWP72sAIaqraJ3ngdBMPvfabzvX85VjWZlH3dWZ3JidQd-oUJtqzzi6ksS8-vxD65-4OuMFXEnG9QeZTRkzJdWwSkUUdKCaz6E1A8DdYuLPlPQC5N6DGBI3lR0Ef8GoJYn_7TIS2G03hUbfOVHbziA0eqHw8zslUYXvX7Y&cry=1&dbm_d=AKAmf-AqRCO2T8uwBxDwcy1ZrApBq3OEhWsXns0jgulddhlQsnC_MGd0BjvTL5BFaW96R8eHbw3Z-7b-G7HLHFZSKN6jVNCCxH3XwClJJQQ5WzrHmQ7yusfKKWtdaaykaq_OGQvjhNYZnY894Ah4Ciupc30_OMUsiVnD5wNhXHCOMurKX5cBr2Wh4xxx4OOGVcj0bET7SOGi9vNGOvuXX4ib7FMqo5Yp_JgCvDRkbZ1I_GnBFY35_9kYDTr3x8oDm49-bUuV8k7NnIoA-dCuoYGFXS-CI38-NXIsHdRvrmF7HWudWYtf4cG5rHXyUDfHnc0NIGf_qWX8bKXIn3R0AZgtwDS-iVytiHVWesyjaEWx4KjtM0l7K_GhuPPPtVwd08FfhkV_xEPq5iwREDqLsLgALLYtnbfBF_scV6qmDKjyisJVEiwKlzqD2JH8HrVOKseMaFUQcAjEulW5diBJjANoBaGe6LOnwUk7ao8TUfGVIxR_xICIGcl-gBG2vqDQ0AdoEZ57XTVLcbs3V-r3zf12LtKDDUAUMmxFd9AwgYUUccaL56bDLO9CJ0ZbMaWAJJ15cVZoFw9Qm9A49TlTdt26X1uWzPLXn2r7RObitFklkCR7O9aJNQDvOgel5BTdkc25BmV204icpmb3Dyzs9fMoNjjcz4gZDqYsuRs9MXIbF5uc3z2-0cjCzInfxjcYRW1pcg34HV2gxbkQQYB-WkBhy6jWKL1qPzRCS015-k1krwg3q19DgGnH9E9vBs__UiA1GFwLBRaeSiX02LkgjKvd99e-2JwxNblSJXWj9z_TQ7h_xInWT4_xB51Fvt23V78zqf1Av8DxdsmTTIGUPk9bTetYEAv0hkzkwWMDBhJMgPgSO25_BfAyVbOsdQXXMiEN19rtyBF1Nnk1D0NjgWVD_QmJjMmtgqHgJTxDDvkTUhg7JBkCXXSY7YPYBTr71m9f1vTN95XQXBl8m54P3hqzNzMoiQrk5AjP7rEPmfBEdTT0CL2eideYcPoLtyaBgUmWxlf7dwmYAo1k4fW0Fa9WCh9jtC1d2x52vNUQd80p3TD5Ln3CpAOjXSoF2qL22wQbyqAxOECadjLiT-B0wOmT4Scoe2CKlpRAppDtHv6f_HCxFBrgHSOzZ407hdmf-vGDgXMfv4czGqu8xigI3lI2YiwF5v48FeaMbzxVxYOWxQh3hKgRiA-GLyBBiQ_8MPVJeey-oOhZgatGn7IT_CmcwA2s6t7skBp66EZ1UPJL9CYEu3CW93Mrai6tlfV3zrViw9Iil59SVfW-P-qdZjWKnZS1yTkKhQLJbreLEN1GKreC3luDS2bYTg_Ti9TF45NnUWCb5nV8iL6hpR-PMeP60QwJ7SbK0oFhyTqJ2owBrk3-ryBTIQlJ1F77koq98a2v-eA94SMm-avY_3fY7j6253dLntTUzO1uko2EEygQKnFhMGv_Y8hkIwnOuEx34W5DVPt0N3lRKzDany3odhn9z8ZcqwSKPj_v_vUdpIut4PQOBgPR4BkiqcDuT9Q2NDX5X7ajWimISTyUHTjfwF3UCWd4ky06W_S2coU63Lzkldpii_JVrJ1Oy8bC5L1uep0mX7ce1J2aNodepqLnS0rrmEAhwfBPMgISpbjKnhp7_uapCJow-6z6quqTF06HHLRZsufTA9wY1kHaUTjXPWQuCVM8aoxs5cfKWT-b631gXbWhOgzWuQQLscNEwuTwdCFgAJSf9548pvZm_CV_dZa3-VJDbQybbPeHOcTgJox4mNSVJoo1cn0jcHIiHxpkkN5dNnKKrZ6o1BetbVtZnfYUY2b_RAF5y17HbR_zmqK2J5h4aSZRCrShprmmFn-l4kpWit2k1UI3YjctJrpXuhqMn-gbK-4ghxxI_KVx8BazXy17nBxV15M9LUqCGZOjr53XTBTY2ncNa8zVd5EuE6GDi8cWUgL9O8M09XCTaGSw195Rq0unjMPOGd20-07x_0tdvWZp3h2-IZ1LT_DhDFwUKQ2pc2dLaxro3Iru7ytwXCncjbqzoxctzjQZcQeqSEFyvnI8p70ZpSW_oIA13OY7gvZ7Bx_e7udlPBIgppk399EFJgHyqu5U0r9fuq8DKXb93nJBobH2iJjE05pF2B6Qe7C472Q-GmwVlyCXsK1kJ2jKbidyIbMkW40BKbO2-iy2ItwJNleYT9QnQDNSQx6c8nk6OOJNHbYd6kipc3Es5Mvu1PW3Qeo6zCPI-m0XnGXtQH2PbEsjX5ip6imVOHVEudjAeQm98h4CSayAyJlfp2wWC7L_h4pPyl8llo53UfEgzaVfsAfDh1LO4DNLW00mLUnYzW2SNdzEjOw-EOFWg0uFIRDJJE_wd8WnoN7yncLiM1MY98u8ptdU9FL_pbrzozEuIsdWrhJyORVDMsCXbJdmNtR6rUFIb8DvnBCe2Hg8eeErrct6UIVFGRwEUtSl_5kpRBKBq1wSlzc0U1SviP97lVRCCmOxNySC8L6lLdUHFOoyDRHfqeo9BnbKpgX-adUoi0xO1i-K3CWREhTFwnCCKIZitCifyKtZH37FFz9vQEf4QJxqE9Xlm_RHmpGRQNljV8BTAIUwOeeCcLbIh2Zi3NGCf-vYLmXeXgRtTxsRkCVZVUptdy6DuC4-cnHnESz5y1zffyVsIsFdDjRHh9QiohNDY82FIvyC6eIr_zXsE7_SFcEF_NIdYOruunkyh-Dj6m7e7LHEfM_RC_HgXSHj3XMUwoCJPPZOakpsx1B3CBXP4cERbCdWvfMw_MtMVxQdYDw8iHczx6ckCHK_SiCzCFl7g_tcrop3m1GdUacEvVZqdeAu0I_kV4lKG2qTH3Grg91Fg5swbXo_KzF58ALMLejcnUxny0MdC4K8oIsiGmLuCyy5ozSmtTVQVXg1qUK5aZBYB9kzHIE2kWFGOPvxHrNjge5jWA2sCrFiV81I_pb4h-SdtID-C9iBbTckVH0n3RMzp59r__7qDQsi-aby-r1-cTcsdIKn4Z6QiDBySI0ymcmp0DpFY6DNoUkfW0KpJyIif4XqsMioH0ScKxAJLCqmQxcf2R1RVp6pR3HANRVjRAG-6HtEHB8c0PO5-27QN3QMc_eX2WO57VRQ7AS2xdRWXlbv0m_tuHGmGUqeevpKmyQC6p0DunvWLhCCKgd-RA9cSHvEnJjsrirs8j5v8d4P67YUQ6WUk5_p0uI0DZi-Gci48yhNxXDHVA-8WaT1Ahy0eKuQZVSNJ86zIuFtq_zUcJ48kHp9KiJv0tki1fXaiuwtMTcod-Wqn1Xp5RW_cMOVz32-WUn4qa1LIVZnnWABV7N30_Uw4GSna6Udo7K6o9b5is8ljl9-1PeO1wEkvRLo5Pb85zoclOGnG_klwtPHlICvNTcupScYI16AsWCiqQ3xMJ-a-9AHv44NtLGVvwfO-pr4869aHpoFVwBp6xmYEQB4mUzkiINfhhGoFUa_2xgUSyy2YTX8DJSWOJknxd_ngePiHlo77UgmvaSsl73JbkUBl8_FClgLtn8xeCjBeZ41CJjN5AfpxPY-POLiQaEQBkwcjo6KUsLWAoThTmPrgVbhckR0Cvx0vOT-P6WH3X4PthBHKy54R5H4tjyaQAw75NTmNtXqSXVM5OINjVco9mfmjkNmwJX3PgjO0TiSsdmulUztMAX04EPAV5WChVKyHn79mScUVERykXRlojDHnuH87wG33DOhLop0w6GVarf-I4pmCVB-4JSanqo6F2Mb1F3r8KBACZDmrICf_d5_2hgZM_OjPaSmlyLfQe78PO0LEkc8SomSkiB_4zFwHjRkWCQl0FXVmma_HEB9iIpx8eZ3jkbiEiaawwiMbwAHgmDrRjA0qB8BjvltGwV7kQtrBhpIPwFTtv4PJr84yJJIzuav6NRxUudTgVssdXGJDKX2tHshAx8Jvat3zZvbK8xjfVeyRA60aGy2qQNn-Cz3haILG912nxGXSVZPH_PD8Oekmi_M7o6iLmvQ3yjeof55nMrVkAHPZrl-x0HIqTiazYcmellsC6Q8jD-bC4xPPKqBAkCUA0cpgS0cLVsj60BNSHEksPH2vDI_j6u-Mue_qzozQseYqJ2iRJimOohvYk19HVQ4ZCvtNSJJe9ddYHRJ7BDuvFqNy6mXLTlNCxKchKSP2Mx3IlJeweuTna-XJhfA&cid=CAQSTgAvHhf_jLvaRB9ojAdLOhb8LfMjFBjvi9tlj0ibcebOioxGSen3DZ504155EonpvDVGNMMTj_FK2aER-BxfqaUXwyyq_rXgc1KGZTzXuRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fafkaralkhalij.net%2F&ds=l&xdt=1&iif=1&cor=16229697345826064000&adk=2124396031&idt=121&cac=0&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:17:54 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzA4NDY0MDg4Nzk3NwogIHNlcnZlcl9pcDogODA4NTI0ODQKICBwcm9jZXNzX2lkOiAyNjUxMTg5MTQzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDM0NzE1MDMK...
ad.doubleclick.net/ddm/activity/ Frame 9DFA 0
940 B 263ms
100ms Image
image/png 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzA4NDY0MDg4Nzk3NwogIHNlcnZlcl9pcDogODA4NTI0ODQKICBwcm9jZXNzX2lkOiAyNjUxMTg5MTQzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDM0NzE1MDMKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3dlYi5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTc4NDYxMzk4MTQ3ODc3MzcwOTEKZGVidWdfa2V5OiA2ODQ4ODM2OTcxNjA2MDAyMTYyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM0NzE1MDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODYzNjg5ODMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDcxODU3MTQzNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDk0MTQ0NzU4NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0NTE4NTA1MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly93ZWIuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xad5afda444eb2eb60000000000000000","13":"0x665c2e4197f5645f0000000000000000","14":"0xf41c279453d60d1e0000000000000000","15":"0x4c02787fa11353ce0000000000000000"},"debug_key":"6848836971606002162","debug_reporting":true,"destination":"https://web.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["3471503"]},"priority":"0","source_event_id":"17846139814787737091"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 9DFA 59 KB
23 KB 82ms
71ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:11:24 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BF9D 0
234 B 378ms
119ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ls824b32&c=1405604695350&slotId=702802347675&qqid=CKjc1OzZkoQDFRaCdwEd6ZoHsA&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/76b55318f38568e647e781cd595cf10f.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9119114932533656539/ Frame BF9D 9 KB
9 KB 73ms
72ms Image
image/png 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9119114932533656539/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ae2dd71885ab8e878b53e49e4688e6523c66e02c67978d495d999bef68a0cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:31:33 GMT
date: Thu, 01 Feb 2024 09:31:33 GMT
x-content-type-options: nosniff
age: 304748
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9493
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 15:29:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2FF 88 KB
29 KB 383ms
355ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1362911606480008&output=html&h=280&adk=1626564692&adf=333044141&pi=t.aa~a.2072042287~rp.1&w=470&fwrn=4&fwrnh=100&lmt=1707084641&rafmt=1&to=qs&pwprc=8411997553&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084640766&bpp=2&bdt=1756&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c874747d4a759b1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g&gpic=UID%3D00000a0b6f87e300%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA&eo_id_str=ID%3D51c6cacc3a7e2ad1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DAA-Afjb8G9s-xFgzNE7EHffo7m2T&prev_fmts=0x0%2C490x280%2C434x280%2C470x280%2C444x280&nras=2&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=519

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e609da1f2e9d546ab7737e6968c48ac4c2705fbab9d979993a796de568e6ebfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 29196
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/ Frame 9421 9 KB
4 KB 66ms
62ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 4692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 20:52:29 GMT
etag: 3890843268177463596
expires: Sun, 18 Feb 2024 20:52:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVj6TkgWy43-wV5XRRgUCQaRGv8w5AV_hVh0wd2dYctlwq8juqM6CXHtpo3FGq_yv4yrP4i-NWuDQjwOW4paTfI6TcoUZfgzJ4jOxv8aN0XXQdJZ0hDa9AeLUJG4WSBdeMtWwn9dQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 107ms
106ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVj6TkgWy43-wV5XRRgUCQaRGv8w5AV_hVh0wd2dYctlwq8juqM6CXHtpo3FGq_yv4yrP4i-NWuDQjwOW4paTfI6TcoUZfgzJ4jOxv8aN0XXQdJZ0hDa9AeLUJG4WSBdeMtWwn9dQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDg0NjQxLDQwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hZmthcmFsa2hhbGlqLm5ldC9uZXdzOTI2MC5odG1sIixudWxsLFtbOCwiUlVyWkJqa0FPUmsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMxRcLLibA8mCQ_sI3cuamh_9rJ2tw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dfa2f4f3e39c857f213c36b5e5242ad4e7fc9563a7ec3f6310a5524e3c4e52c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ePk7OcNC5g-2F4lJVXAJkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ePk7OcNC5g-2F4lJVXAJkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLheDitYR2bwIxlkx4yAgB95lNy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DB3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

43 B
741 B

95ms
93ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnoyAIQ2OLLAhiS65uAAjAB&v=APEucNXzJ7qeW3VX9VPTVwgAM1xpWzWWSD6TtO9dqyhzDNZ5c9vhjDe2FXO7Hu4d65jz4EWZzlDuSN_UKOZEsMSFW5huxGFJXw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk%2B64kvhQ%2B0M3OSX2HhtNPWoGlL7NuAIRPvkAhYHXm%2FYZtwf%2BWclpYpSlQ%2FH2qwqfG7NtPZhEU5mTPpC3%2FrrpOgvxunWHRcyWwVWvDQM5xhqObLppFj48EIo%2FKD0axDFnSYHa15V%2BzwQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85063ec22bf0224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DB3C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcALYOI15HBdlQtuvVCfrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1

43 B
730 B

83ms
82ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnoyAIQ2OLLAhiS65uAAjAB&v=APEucNXzJ7qeW3VX9VPTVwgAM1xpWzWWSD6TtO9dqyhzDNZ5c9vhjDe2FXO7Hu4d65jz4EWZzlDuSN_UKOZEsMSFW5huxGFJXw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsK83eDdCCBK0lRCBcgN95u4ULTZC6LfMVFf7PstqDg9Zoz9BXFS7YtfeKQoNRmLuozqcazhWS53qB0Nvs0olZYdxQvfhbbPGY%2Fv%2BLkgNpqac6Kj2hbTrVwMMnQ5lYKhIhTyvtOqEr3cAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85063ec2bcc0224b-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAQ5QkP02kfkgzyfIWT3aOQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DB3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

43 B
1 KB

87ms
77ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnoyAIQ2OLLAhiS65uAAjAB&v=APEucNXzJ7qeW3VX9VPTVwgAM1xpWzWWSD6TtO9dqyhzDNZ5c9vhjDe2FXO7Hu4d65jz4EWZzlDuSN_UKOZEsMSFW5huxGFJXw

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
an-x-request-uuid: 515db831-3cde-4d14-8041-7dec46d63c4b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKMmaVte9lxItfQGLB5UvLs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB3C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

170 B
188 B

90ms
87ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D

Requested by

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
an-x-request-uuid: 485763e3-01c9-4eb9-ad99-3175154c5e5c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU5MTQ2ODIyNTkzMDYwNzA0Mg%3D%3D
x-proxy-origin: 38.132.118.68; 38.132.118.68; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

206

videoplayback
r2---sn-q4flrnl7.gvt1.com/ Frame BF9D
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=ip,ipbits,expire,id,...
https://r2---sn-q4flrnl7.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

783 KB
783 KB

174ms
71ms

Media
video/mp4

2607:f8b0:4000:4a::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-q4flrnl7.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1A9EC518AB6C2C9317C9A51508EB38B364F94DF7.1E84F54C818A8222071D95E1AF65545DAC9E0B77&key=cms1&cms_redirect=yes&mh=2C&mip=2001:550:1d05:1::11&mm=28&mn=sn-q4flrnl7&ms=nvh&mt=1707084259&mv=m&mvi=2&pl=48

Requested by

Protocol

Server

2607:f8b0:4000:4a::7 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b2b97b84a538c02699984032a173441aff0f7e46f967a42e327f1603414cf59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

client-protocol: quic
date: Sun, 04 Feb 2024 22:10:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 14:22:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-801383/801384
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 801384
expires: Sun, 04 Feb 2024 22:10:41 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:41 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-q4flrnl7.gvt1.com/videoplayback?id=35cde22b4ef74a59&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1707091840&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=1A9EC518AB6C2C9317C9A51508EB38B364F94DF7.1E84F54C818A8222071D95E1AF65545DAC9E0B77&key=cms1&cms_redirect=yes&mh=2C&mip=2001:550:1d05:1::11&mm=28&mn=sn-q4flrnl7&ms=nvh&mt=1707084259&mv=m&mvi=2&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9DFA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aae1f5dc0bd61a40b7b18df8478dca7d4cad4fc0558796bc3251844c5fc911d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8CD3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d628e8349cc6f77938407709c2d955f3b35baa93922c4a3f74420a54f7aecfa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BF9D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0cc79ff0f7e7368f5ac9330bb80c08ca5f7fdbe0edf81901c9f7975b96f60b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 9421 4 KB
767 B 81ms
77ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 22:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 21:05:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 22:10:41 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 9421 16 KB
7 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:12:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:12:44 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 9421 22 KB
9 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:12:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 20:12:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E85 38 KB
13 KB 67ms
63ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 305338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:21:43 GMT
expires: Fri, 31 Jan 2025 09:21:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame BF9D 2 KB
2 KB 70ms
64ms Image
image/png 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=4760392536&adk=3243116924&adf=2701836336&pi=t.ma~as.4760392536&w=444&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=444x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639505&bpp=1&bdt=495&idt=647&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280%2C434x280%2C470x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 19:49:27 GMT
x-content-type-options: nosniff
server: cafe
age: 8474
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Mon, 05 Feb 2024 19:49:27 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A8F0 38 KB
13 KB 71ms
69ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 305338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:21:43 GMT
expires: Fri, 31 Jan 2025 09:21:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8199748856208821014/ Frame A9DA 9 KB
3 KB 195ms
67ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f37a3a406a119fefd3a66c90ebd6c89c95914a971b73b74c92c1258e444660e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 404122
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3200
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 05:55:19 GMT
expires: Thu, 30 Jan 2025 05:55:19 GMT
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8CD3 0
0 110ms
103ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvA3mRmaXPbmJIb1757SOQT28mCtCSqDX5aRwuL0BXTqgeyikkrFsdXJg-E5Mf4UyPGyPxbFDne4IqYLM4kG0oKrf3ovk0ZfBtXeQp7P2N4JReR5GTVIwPpqLSn5EDh6UmIYCLYlzewdkhUOtEQF2EU_3TAoSFWhcTAz7_z9cv8ls0Z1yO6BNMc7mCDDAtepn_swq-PrPYocRwI5RSoizwk_sUlc3dn7Dj2vSr4Md3hTdlKyF216PJdvdxR1EAW8rR-jncAEW-h02JsGK-8bRIFDwk0UlSqMDxX7Gt_RKs3eh-JXrk7NIAXQ3Z0xJ4qcDG8x5wTFXCxNG3Ur6QfWpn-ACtyXAsNC2VwA3FsI0euVHF_K8wlBVJ_zRn-5ZisfMvqgYNJsD1XlDIYPJNAPuBgN8_w872a6lPsF38_gm2nCZZsd2bdbMDMau1S7D1jUvJVxkHfLHbbeTY7_IrKj7bwHXuZx9byhHMd4j8WYVPHwYvS1VxkxOjMFJpBRA2iJ9v0BKbE_0LETFyEk0GAR1R8M3gziNZ1Jvtw12PnB0CJNQONDozOrf_bzoqFuBc6V0dApjLwyhFHUvv6EbyJB0DPOiw04sSCChOiH_ZBy5KqPLGscrr-UBhVA09P9xvDwgqulI-Q1Nh41Yjlwrp_HRmBIUxutVjSJFJhsOPxmQi-HaJ_ACALKvT4BUezAyubhapu--R7homD4ZNpb5LPwOAAs_p7tXRXUOMkttSO_e5I2aTLKAQcdLgsOOucJ5j5Bpo0HHh7I_Q1R-Lgi9AUZp0tcFXmz2975YvpCY8PidhXaSBK7Y29agXBod3EfGOHJJcvBQl4NlIg-dnFEy-vRzRSiiuKuW33zRRrn3Y0tC5WGYUQdJcARGXgZpMLvmwOOxHjXCM0rp9NfHxXOW0JIZbQpd9d4pFpIlExZhO5v3eYsTYqBZ8qB_bJSrPBFpZUMD07Poc9W9HtQKl70a6-v0k0DRjOwVuMNZJqKOlbvQQFVvj8TtOglmshroEJXCkLCXSiZT04R45kzLJ5mr-i9LXk2FNakfGO2C9E7nmkh5epSqWQUa7noNpROp7CSxolRDNQIvsk9qgMmucr-UIYbV2iz7TSDo4BSLeF6g8alDEh6AnckylRjVDqyU2sXhEXnE-W6UNn83zy1dR-ZA-4no148GYsjJlXmMdfuhb1M3RCBEdwTwne9yhWDe7FY8-tqdX5ICKRXOdGQKnq60V1J986m8iqyQwnMapFrCV2AsGKIHgBB3v1B0gDH34FQ1WQxbTrjFOV1tqy2mivsL6v0qK93shjydW8fwFAmSZt4eamVOTADlvv2umUmC3p2thHVxhVlctX2k_J_yQHzUxYfh8qRPDWfOhmcFGtET4j-7-Z6o3xf-9t0FoiaV3BOZilOJq0E8NRFRfFGghud9bzrmGF2LAk&sai=AMfl-YTzhbbuuNy6tsGZ061ocEpUbyDs6dJGbP_521qkVNp262jjRkuMfaSgFdVVolj9UdPaW-wdhOc6nqlY1Vbb1_XsRM1lx0HMZaGD_2ZZ8YJTNderdsNs-Dya8-x2T5phWXOWChATT2Ps9d3Fk1NX1dwCXhPOVCoWTL89Yt_jd7ZuoOvA0YahDO4C9IDQVtGH8hCxu6BdyxiX3SSZqI8VDAWxWx7cDWLWQ9g5qouixNT9I5ii3ICHKm-89FctZmSg7EXYgDPM7B4apt4A9GS8NfwcaDz0oZ0V7usZodrvnkV8YBFex4msyW2dmI0ZvSgoCZAgLoVKzth6m1svXFEIvhXgzfCZDXbrVntidgnqGdoyaF3Gtw8Tj6NvlJLV_qGjsbL8trjCFCNTLpM6qJNZDRb9E4j7dlglrXZkUgwHob4bHTRZKDT2VacYQHR-PEb4tTAV0PHDt0J3R7EIwvKQmxfoWZygocNRg-zgauv-BDoSGjYGgTpzUtDWaU1pvG4wKBvmDKbbFLBp&sig=Cg0ArKJSzJ1ggGGF-C8IEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9leHBsb3Jlc2V0b3lvdGEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=853&cbvp=1&cstd=843&cisv=r20240131.90276&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Feb 2024 22:10:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:10:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame C2FF 23 KB
9 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1362911606480008&output=html&h=280&adk=1626564692&adf=333044141&pi=t.aa~a.2072042287~rp.1&w=470&fwrn=4&fwrnh=100&lmt=1707084641&rafmt=1&to=qs&pwprc=8411997553&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084640766&bpp=2&bdt=1756&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c874747d4a759b1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g&gpic=UID%3D00000a0b6f87e300%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA&eo_id_str=ID%3D51c6cacc3a7e2ad1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DAA-Afjb8G9s-xFgzNE7EHffo7m2T&prev_fmts=0x0%2C490x280%2C434x280%2C470x280%2C444x280&nras=2&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=519

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:45:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C2FF 8 KB
750 B 80ms
79ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 22:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 22:00:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 22:10:41 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame C2FF 15 KB
3 KB 406ms
235ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:30:08 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame C2FF 378 KB
132 KB 233ms
62ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:20:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame C2FF 20 KB
8 KB 66ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 8CD3 1 KB
929 B 318ms
55ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=34&ttfrms=63&brid=3&brver=121.0.6167.139&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau27%3C2C2%3D%3C92%3D%3A%3B%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau27%3C2C2%3D%3C92%3D%3A%3B%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=29&ddur=438&uid=1707084641960761&jsCallback=dvCallback_1707084641960489&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36&htmlmsging=1&chro=1&hist=4&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5323&tgjsver=5323&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1362911606480008%26output%3Dhtml%26h%3D280%26slotname%3D7961270948%26adk%3D2898237021%26adf%3D1848691050%26pi%3Dt.ma~as.7961270948%26w%3D434%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1707084640%26rafmt%3D1%26format%3D434x280%26url%3Dhttps%253A%252F%252Fafkaralkhalij.net%252Fnews9260.html%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707084639502%26bpp%3D2%26bdt%3D491%26idt%3D590%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C490x280%26nras%3D1%26correlator%3D8487466843469%26frm%3D20%26pv%3D1%26ga_vid%3D804276535.1707084640%26ga_sid%3D1707084640%26ga_hid%3D1342784466%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D4%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D580%26ady%3D490%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44808397%252C44809003%252C31080659%252C95322195%252C95324020%252C95324155%252C95324161%26oid%3D2%26pvsid%3D3436147514831985%26tmod%3D1712668158%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D595&fcifrms=12&brh=4&dvp_epl=258&noc=4&nav_pltfrm=Win32&ctx=750202&cmp=31006450&sid=5744950&plc=382506791&crt=206704438&adsrv=1&advid=5677814&unit=300x250&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=0&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1683646775691.8972&ee_dp_sukv=1683646775691.8972&dvp_tukv=3061245820.3060384&ee_dp_tukv=3061245820.3060384&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=0.899993896484375&dvpx_strhd=0.899993896484375&dvp_tuid=178865744261&jurtd=4104321345
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 693ec4c7c1cf33174e0251bcc11c4ec275a47ec056df547e4e81541b290d71fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Feb 2024 22:10:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 02/03/2024 22:10:42

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BF9D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClsNAYAvAZaisDpaE3rsP6bWegAveu9Ladbb6nJOsEp6XmM3KARABIO-RhBNgyYaAgNyjxBCgAd3wqsAqyAEJqAMByAPLBKoEjAJP0C3ruyYs0eF4H3wnUrycIHXxm2wST7POJyDaqvK9-4F...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb395e524f2dbb350000000000000000%22,%222%22:%220xa95ed8656864677b0000000000000000%22,%223%22:%220xb46d55...

0
0

267ms
138ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb395e524f2dbb350000000000000000%22,%222%22:%220xa95ed8656864677b0000000000000000%22,%223%22:%220xb46d556a439680b00000000000000000%22,%224%22:%220xf57e7d26dae8178a0000000000000000%22,%225%22:%220x5ff86dbbb02f48020000000000000000%22},%22debug_key%22:%221465110366447932924%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%2222%22:[%22true%22],%224%22:[%2202-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22303512494926460321%22}&andc=true

Requested by

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfb395e524f2dbb350000000000000000","2":"0xa95ed8656864677b0000000000000000","3":"0xb46d556a439680b00000000000000000","4":"0xf57e7d26dae8178a0000000000000000","5":"0x5ff86dbbb02f48020000000000000000"},"debug_key":"1465110366447932924","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-04"],"6":["true"]},"priority":"500","source_event_id":"303512494926460321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Feb 2024 22:10:42 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfb395e524f2dbb350000000000000000","2":"0xa95ed8656864677b0000000000000000","3":"0xb46d556a439680b00000000000000000","4":"0xf57e7d26dae8178a0000000000000000","5":"0x5ff86dbbb02f48020000000000000000"},"debug_key":"1465110366447932924","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"22":["true"],"4":["02-04"],"6":["true"]},"priority":"500","source_event_id":"303512494926460321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AGSKWxWXiiy-2D_mFtfQK1gj84Cs_toJYOm4wcoQgWQBEoq6C5El8CPs7_rHOSa8RqFA55TiG-e_omMwQOjOqSVZXvgq63IxYLy-yzK6IoODo2AKXZYu62Nu87O6rUi35v_uhijd3CZhrQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 107ms
105ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWXiiy-2D_mFtfQK1gj84Cs_toJYOm4wcoQgWQBEoq6C5El8CPs7_rHOSa8RqFA55TiG-e_omMwQOjOqSVZXvgq63IxYLy-yzK6IoODo2AKXZYu62Nu87O6rUi35v_uhijd3CZhrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDg0NjQyLDEzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vYWZrYXJhbGtoYWxpai5uZXQvbmV3czkyNjAuaHRtbCIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

feb386d8e6a6df28b4a598495b2add0847db424d462cc1f6dfe1f998c3b864c9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aIWU1B0FXqejwR5h0VnxjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aIWU1B0FXqejwR5h0VnxjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxT0IAXEYB-Dz5pWPklg4ZTLIxGY2GSyiGDApyWKShSzKaJD_DTY2xWIwGC1KZBJnkOKQLD4WBr_h6THPdH6zLMV9sjTfqbSGVXhPG1h7T7SFqnSmBhySZ7pAwKdRCEpFjSqg-13IBI_XlWzvKznBDw_XjT4wiUb096Rga0qwoYIhWxNcAutQcHAkeLwQPIW0JjgHPVZ4AO2Ywl0I5xVOwLOg8BfK6pJr4PCs2A12i_HYqQ8Ntlazn_kDJ-hX8Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK toyotatype.css
07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/ Frame A9DA 3 KB
888 B 245ms
70ms Stylesheet
text/css 23.43.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/toyotatype.css
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.168.189 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-168-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db2a887d72c63529cbb7538ded278f1a07ccb9c5819fb3e29cc260414ff38e94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Sun, 04 Feb 2024 22:10:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 14:05:43 GMT
ETag: f48c0950d62316fc8f101f8e6bcd9743
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Timestamp: 1532009142.76272
Cache-Control: public, max-age=244
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txac9035317bea4310955d2-0065bff8edord1
Content-Length: 417
Expires: Sun, 04 Feb 2024 22:14:46 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame A9DA 236 KB
63 KB 364ms
83ms Script
text/javascript 2600:141b:1c00:30::1739:5a70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 04 Feb 2024 22:25:42 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/8199748856208821014/ Frame A9DA 49 KB
9 KB 77ms
73ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/index.js?1699369494957

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8a6478357382485949c01b4a1259aad602fe642751c4dc7bd15189640dd7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 10:05:10 GMT
date: Thu, 01 Feb 2024 10:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9671
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1 200
OK Ad-Choice-Icon-19x15.png
07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/icons/ Frame A9DA 574 B
1023 B 248ms
78ms Image
image/png 23.43.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/icons/Ad-Choice-Icon-19x15.png
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.168.189 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-168-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c46984040948cd91a49d685f4d79d48398a3b44b92d4fcd1adb7a20547b62ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Unused62: 8096267
Date: Sun, 04 Feb 2024 22:10:42 GMT
Last-Modified: Wed, 15 Sep 2021 21:14:44 GMT
ETag: fc14b666887d1edcb67beb9aeb36667b
Content-Type: image/png
X-Timestamp: 1631740483.40468
Cache-Control: public, max-age=463
Access-Control-Allow-Credentials: *
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx9f86104be65646088d0c9-0065bf1cd1ord1
Content-Length: 574
Expires: Sun, 04 Feb 2024 22:18:25 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BF9D 33 KB
34 KB 208ms
63ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:11:34 GMT
x-content-type-options: nosniff
age: 305948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:11:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 7FD6 23 KB
9 KB 66ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 12:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 12:45:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7FD6 8 KB
750 B 91ms
86ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 21:04:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 22:10:42 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7FD6 15 KB
3 KB 80ms
58ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:30:08 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7FD6 378 KB
132 KB 84ms
63ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:20:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 7FD6 20 KB
8 KB 70ms
62ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:53:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Feb 2024 16:53:36 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E85 39 KB
15 KB 78ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 20:11:42 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A8F0 39 KB
15 KB 80ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 20:11:42 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 282ms
129ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 04 Feb 2024 22:10:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C2FF 0
54 B 121ms
120ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ls824c1l&c=5885781206651&slotId=2942890603325.5&qqid=CI_Zmu3ZkoQDFcwOTwgdwVUFUg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2FF 15 KB
16 KB 134ms
133ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:15:03 GMT
x-content-type-options: nosniff
age: 305739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:15:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2FF 15 KB
15 KB 146ms
145ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:24:29 GMT
x-content-type-options: nosniff
age: 305173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:24:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2FF 0
20 B 97ms
95ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CBrAfYQvAZc-kF8ydvPIPwauVkAXq4qa1dd373vCTEmQQASDvkYQTYMmGgIDco8QQoAG5qtm8A8gBBagDAcgDmwSqBKMCT9D4PI0-bqgAEGkX_w4eNjCX3tBs1eDKEXFSIj8gVAXGRb1KFSnO81zfRX2OY1wWHXg3sw75ce5OfAx4OEkbHU7YWdQPFyj_fVGzDPw_TqL4cSPwYjY1fNtDNF0AHKfuLjBRtTq7cW9pczTWUUn8EoDydd20bA7D1unTnAAWRNtv4PwjXiYD6vJRRT9WQlYzTt_UojXfBX1ubw56jnp3gXDcT1LjjbATqKHd2MbUV7U88j_rl9uW6bAGG79WDhIig--OIP50_i1RJWyuXjAg8xKV-x0bRT2kI69c4_JUt56A4JDkwajye0UMtdu1iWyZ4Pl0Bw6wNm8c_hgmQwBvDwye9ZME_BXPSJL_bcUcqLU1d6ocfcE_Pen0UvAn6Ofhw9ldwASA7fLP5QTgBAOIBfjSxIhOkAYBoAZOgAev1aZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYlv6Z7dmShAOACgGYCwHICwGADAGqDQJVU7AT-qGzFtgTDYgUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1707084642320&ai=CBrAfYQvAZc-kF8ydvPIPwauVkAXq4qa1dd373vCTEmQQASDvkYQTYMmGgIDco8QQoAG5qtm8A8gBBagDAcgDmwSqBKMCT9D4PI0-bqgAEGkX_w4eNjCX3tBs1eDKEXFSIj8gVAXGRb1KFSnO81zfRX2OY1wWHXg3sw75ce5OfAx4OEkbHU7YWdQPFyj_fVGzDPw_TqL4cSPwYjY1fNtDNF0AHKfuLjBRtTq7cW9pczTWUUn8EoDydd20bA7D1unTnAAWRNtv4PwjXiYD6vJRRT9WQlYzTt_UojXfBX1ubw56jnp3gXDcT1LjjbATqKHd2MbUV7U88j_rl9uW6bAGG79WDhIig--OIP50_i1RJWyuXjAg8xKV-x0bRT2kI69c4_JUt56A4JDkwajye0UMtdu1iWyZ4Pl0Bw6wNm8c_hgmQwBvDwye9ZME_BXPSJL_bcUcqLU1d6ocfcE_Pen0UvAn6Ofhw9ldwASA7fLP5QTgBAOIBfjSxIhOkAYBoAZOgAev1aZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYlv6Z7dmShAOACgGYCwHICwGADAGqDQJVU7AT-qGzFtgTDYgUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2FF 0
20 B 98ms
96ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20240117_RC00&clientTime=1707084642323&ai=CBrAfYQvAZc-kF8ydvPIPwauVkAXq4qa1dd373vCTEmQQASDvkYQTYMmGgIDco8QQoAG5qtm8A8gBBagDAcgDmwSqBKMCT9D4PI0-bqgAEGkX_w4eNjCX3tBs1eDKEXFSIj8gVAXGRb1KFSnO81zfRX2OY1wWHXg3sw75ce5OfAx4OEkbHU7YWdQPFyj_fVGzDPw_TqL4cSPwYjY1fNtDNF0AHKfuLjBRtTq7cW9pczTWUUn8EoDydd20bA7D1unTnAAWRNtv4PwjXiYD6vJRRT9WQlYzTt_UojXfBX1ubw56jnp3gXDcT1LjjbATqKHd2MbUV7U88j_rl9uW6bAGG79WDhIig--OIP50_i1RJWyuXjAg8xKV-x0bRT2kI69c4_JUt56A4JDkwajye0UMtdu1iWyZ4Pl0Bw6wNm8c_hgmQwBvDwye9ZME_BXPSJL_bcUcqLU1d6ocfcE_Pen0UvAn6Ofhw9ldwASA7fLP5QTgBAOIBfjSxIhOkAYBoAZOgAev1aZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYlv6Z7dmShAOACgGYCwHICwGADAGqDQJVU7AT-qGzFtgTDYgUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C2FF 0
54 B 120ms
118ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ls824c2a&c=5885781206651&slotId=2942890603325.5&qqid=CI_Zmu3ZkoQDFcwOTwgdwVUFUg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.td&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C2FF 32 KB
18 KB 230ms
91ms XHR
text/xml 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AVbnOyj5614bSpGKXKL34yi_PRLb9b2nwb_cVXn1tlS8YMqBdoazucd7BT5n00RYkn7rv1ScBZf6uNx9WpJYwrFH6Z9Q&cry=1&dbm_d=AKAmf-DB45QLxydDIsHK-dq62l91pwtP90tVYqREPIMmMvphmWLJjK64KfK1wC5b2ChiQF8oHGMis6qv2xPtXvEBFvIACRLunl9sPgDbbcmol_bkKoAtCanRC8cfJCAAVCb7dGrGhmFTMjp0sYIl4DT_qpaB3kG3asips-LZm2ufN7zVpTT3tilInBI2xCDOEB0GRUES4AC7eD4b4VQ5dDTSy4U4ux8tn53-EmjnoC05rmB4qxg6vaL9cTiC-ZFBSugLvQ6uwQiyhteXOvDeqrDAs7xBEdhiRwFhoz21b-6ZyGTntDjgol4XssAUFxYWA2ggOcF0GPoiJWYl7iSHUTs59jeVCKYiRrp9wXlBwn8YVFumYQ-u81ydl4gach0E0A1yM4lE0JCBQydzRuZUDVLJ04ZwtX6UkcW41NnXwLsX7Fv5ZWEDozNjZaLrceO22C7_Ah_xaT0fKW1kaGh3UQhedyJ-bXQmhb1EGOrSEbZSJNRWr93HtSzGndPLVPPX1GakF2MNspTLkXbCChe5_jEY1Va8bTfb51GdmSVPb5F1BNYR1KyhK1wUbw07_ugbYtfFjMD-_oky9PXXpNSTE5EO86XSYGiuJxXTxba3Bf9RoxyRYtI098hMvZOe-MsmQi3xBUcHHowicWXLFlLaJXfcGyG2n8Nj3kakOVsfGlRoIZTu4-sDbs9XeI4g3RUkcXMsalPpLT00_iGhxNT6P_CLpOIgGNP0ZuzgcSCEEPLi0QTnfYUYWfJJHKA_9X4QEtD713C0GQ6r1Bxkpej1Od8c0ntq_qDFfKX0f96peqvaba3u9KQFeqAo8Z1PeTCXEdsxFO1izIBCzUU5Xl9lRGM2AsKa23fQwR72aRXc5IeeD-Hy-_ZdZSUZvt8SEbzXbDVMp60nyTXP1-TqQ9jTQhkG4f3V_xZP2vU3iVJIzB2CfYq53RTGOsrnsteZuB80KGnGiMkqS1jSmXhmljJR-4zWf7oJU47sc5UKw-SY3ro3DjIy6Eqa4kbmFqqPrYPKQflcGZmRetusi0FxqIeiHGrmr-xW8QI6XKg3ZMegoMrkUaT0YlAPkPULcZ-SOe3Db1BoG75BQLxjS1vaMZrL0wgminNSogfX3YxQ7WqVXnOL1_knWqH-72pUXbRrIXl8HLOWCF5bBpCr_3keA4sD8FtzMv2gme4jzJU-uNnzqKVEldCjvYcR81zv3jeTvTszPBaABVxRNJPwZcVFQQu_ryr0s0DAb47n35r9NtIOhgowFZTLXGybAPL-MXIikaNSfEihP6EXTfkabG3_V_pJUeHGA0xAJN8Lgy_zGok95ezj22VyjvyASeaNwNcrXuZplhFg3zwojcd42diBSSRjDN7m7NAxsxBRYIdj4jjv3GYQ9vQU5E8rWrrOX4FoKzmmBywirgUpinKxcw9eVjnQqhTM0JHdNaQodocIivIZ6NFAM1CY2nhIhmJpHAgpYA5oFqrCkKMB6ikuxQ0DnIiB1pJK1xeFXmuYdHFIIi3jB5AJ_azDS_NEy3JCVa6I6SF-KSoDQm-_oL3pthKWYXLBM3wL_iv9w4Z8mfxou0mA0oLXWqu-WdFvtdiBX2_bC_9JLtqzCEPBvVz68iQdH7mZP4qx8V158-cNR2Wof9cByDyMLDYCbrtr3-G58e7kFI2jmtqkZ_5Zb5CMh4GWqrcpB5uZV_EK7wHPp4dJ4tkC94mui9goPSFxkNjzKL9r7J4W2rgoRm5J6y43sGw3j9tk2br-6fKN7tbthS2DdYbtqKGHpQvUVcnCXoRG-TTdZp1o7rKOu7DseoxU5B7Tqie6OQnydE8DR8p6S_-b0Zz5JoLL6OBAOosMr9xGezpNjKy4xmZe0SScxZugrD3G4jB4ZzDArYzutXeJxl8kPU_1g87dwzP6N0NURwT1Z8FRdF7AcO7u-lzSTskHsXy4LZytTA0F682zBjjrvmnF4ptH3jSFZSedvHfo_D4WOrMq1bvZ4rHrbYKvGBgC-mY6hhl9aitljt5UF22qNVt9R6XeWNd1fObtDcSB4XUa5fy8oK7ydG8hEsNi7JuUO6iifnBGIAY6tiyUtqXEHfgUzg7904tu9b-1WD6vMNWG3XzKYZFFP1kwHPyOxC8E2eIiAvRxvsXaWMuPkBFT_Rx7XXd6bw_SP_eNdSGRxp5D02_zsHBemYQnH4I37iSryKVAjRxWiN4P7S8LyKhkFwAzGsKv0byztywz6qe0yJWs7PdbqiUipPK_jiPfeUxUwuTh1Pxn5upfD9qy70HBmMadV_3LhrWRNWehLMGXCX_0rjqvmwqNxlnxWNO-Da2qCqxs-gKJRuv2HftFr9JWmd1_bjNLcqBGqnRqQ0GajMRyfRPXUW-FBo6N6kDM4eTR4jtXf6sANqNOwbSKaglN53k1ky24gGRLuWn-yinfCGAVCvgCBnbB8kNF7L0F2IUTrljGpgRen5h_LnKrvJhb-Md2Mrfy69Ywfpsa7SDtojrSFhQ7NdthbQhNkySpmNjRRaXHQNo_IA9pUvBVmD83nrrGp5EAFAoUQSibxe_kXkmOMDyOxUO8jdJTHJe5y1n66pHaz0SLjW4CdGEDzcdK9GKfOrykiMpkJdhpmBD8DIuB-XVy9oq33-RP5KHPF5UimB7KSXADz7KMHWsKZOCItNH4ljobhCn_6Rebqqv53q3WKJD4dVmVfTQxKC0vSuLBsSGJLFLrix_-z5xwYsVMNrv_YG_GsVYI0afL6EepLPlPXpXhpQ_fiiKyejZEMtAmYFX_6FhAZFeoxRp-Z4GXcTlrdC2UienpauhFL8HPmIJ0UxZ9JdQfRL1yy2agm50D2l3moG-n9o-A7XOXk0uXZ2bJ9Hq6QL35k6q-C6VcrXB876PLwdEIrl_pKhz2iOG0hCdZgjJjJJ5ThXUowaeonEiXfo8_YomCi3xMlCKYsFjjosSOOi7bRHYrHUqM4NldynD8lXsJ8WqnijHhFvIVQDGQXGcyNn-ajP6KGbt7uq_KJLc9cp9x9uIc_mAID12_6z8K72m7UCFpF1AHgUWBhz4o8Phq46olp1sHN5HheEAijVRfmUgYrdfaAthzlD3hoxNzX40Vwp8-LSeLhy5Iw37SIq6P-lxrLeow8m0Mb_mhrHgztRDshc-EP0Ii-b7Oa7VWtpVpZVWUW9hsdAPHSpj71Qk6C8jgr0NF7a3RzNv-6ayqX-IKi8JGEH3vpehlMwSDm0tbbhrCIHGMPZOu-Lp8h3oiJ4HIh1v8gJnrDi9UPE7STlM2lgdQlMci7Xg4C0l0PggE_WG-cUeChn5L87sbdh6GXIQsbX4zv1w9kZ95PrlQ9EnKnsUNl-ne4U2z5RA7neysy3bhey5lxdng4VZ7NfYRM9RjkHIkrqY3sml01K4o1dSG9X1k7GXhFqx0uzn9o8dCSf_AFXiq0emdiDSckeAVWCGkwcB5VN1LsjbI8YF1hc_wUMAl4y0NCst60dp998zj9K_8H2hpeFJCI3fD2Tg4Cczfs3zVfAU49Zf2RS5GfNrVAhd-7W5SGfYNob8cKFfwVQlEroQOd7sj7UEJ3aCP5ErF2PPyOhQSqgPb3UMZ6yzu-MpEypmOKlbB&cid=CAQSOwAvHhf_nJOWM-vIdt5ujrLvkOHLAxgPFuCxecfz1hMOQYIvD2GGSuFuauxrF-JA0IWAAM1Da9KEQU5iGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

91217c57eae4b3ae285c521e113136e32fae8cc787076d9d08f164d821843167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17970
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 254E 1 KB
643 B 71ms
70ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 19:30:37 GMT
etag: 48472445140208031
expires: Mon, 05 Feb 2024 19:30:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C2FF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7071917e90ca0b6757fe729f1369e08eb075f8a13ec731d0400cde33d4bfebc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 7FD6 0
54 B 117ms
116ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ls824c5q&c=3154297365254&slotId=1577148682627&qqid=CNv2zezZkoQDFT8vTwgdicoHLw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FD6 0
20 B 96ms
93ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZNtbYAvAZdvGB7_evPIPiZWf-AKMgu28dfKmmYWxEmQQASDvkYQTYMmGgIDco8QQoAGYvZqqAcgBBagDAcgDmwSqBK8CT9DxrTccfnACnyLV3BKN7dXyYtASQIb6rzDhPg4K_biYcgyQwx_caOKwaxlj0YDoGcNSBK4Cjwbs1YMMnTS73ah4H4yo-q7j3DbOIlD90l0dtTuWL2BcjCUz8lF2pE3Sm6YS3qMuQh3VBhWAZhwCsylAOEHC6kZKs5VL68NHcP-KfLclVFy-J46yTps5cAGivi-IqD61d-K1_58epCDCEQ_7LH_yd6sVajYq_KyHvqaWwTJVqzCXdxWM3idVMlYivQ_c8gYptyAaak2C-AZ_2kxVN-e_K-BKE7-GKxYl8K7RwIj6DlPLYF_h_4IAZs1GmaWZmHJ5MMJgar3mXxLsTdYGHDCTYvv6phRi8YpiSideVLRplCYNM3HkOqMJbDX99TfCFTMRw4bZ_q9CIxVjwATe877XxATgBAOIBcKN1O9NkAYBoAZ5gAfQwuXVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJ2UzezZkoQDgAoByAsB4AsBgAwBqg0CVVOwE8qKyBbQEwDYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1707084642460&ai=CZNtbYAvAZdvGB7_evPIPiZWf-AKMgu28dfKmmYWxEmQQASDvkYQTYMmGgIDco8QQoAGYvZqqAcgBBagDAcgDmwSqBK8CT9DxrTccfnACnyLV3BKN7dXyYtASQIb6rzDhPg4K_biYcgyQwx_caOKwaxlj0YDoGcNSBK4Cjwbs1YMMnTS73ah4H4yo-q7j3DbOIlD90l0dtTuWL2BcjCUz8lF2pE3Sm6YS3qMuQh3VBhWAZhwCsylAOEHC6kZKs5VL68NHcP-KfLclVFy-J46yTps5cAGivi-IqD61d-K1_58epCDCEQ_7LH_yd6sVajYq_KyHvqaWwTJVqzCXdxWM3idVMlYivQ_c8gYptyAaak2C-AZ_2kxVN-e_K-BKE7-GKxYl8K7RwIj6DlPLYF_h_4IAZs1GmaWZmHJ5MMJgar3mXxLsTdYGHDCTYvv6phRi8YpiSideVLRplCYNM3HkOqMJbDX99TfCFTMRw4bZ_q9CIxVjwATe877XxATgBAOIBcKN1O9NkAYBoAZ5gAfQwuXVAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJ2UzezZkoQDgAoByAsB4AsBgAwBqg0CVVOwE8qKyBbQEwDYEw2IFALYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7FD6 0
54 B 122ms
119ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ls824c64&c=3154297365254&slotId=1577148682627&qqid=CNv2zezZkoQDFT8vTwgdicoHLw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1v5&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 7FD6 25 KB
16 KB 129ms
107ms XHR
text/xml 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C1M88erkHY3gzsp0CyCmRv_IjukcflS2k150ByWz1WOo3-wW4ccJF-abqZlGyzWLZ0E3moEwWBfBlPsVq2I6VyKW2_xg&cry=1&dbm_d=AKAmf-AH2quA4CYiVd0NX1FTUBrvnL0I4afc3nEqkr1dEZmhqxLFTnY_AxvzdOcKJPT2Km2vPYC1D9AyK-u-6Bq0eD-GbC3o1GCSerI4hWMEx-w32lrUqC7gss1HQTjhCsYG0p6TlxdLttePBraOj7frVmTdcKREcVtYfUjZsjIwO_9ay7jNTDjYhaOERoKzlCB8pucUu78o_UALr3ky-qsu9-90S9-TG426OTKyXwxml1PYROO0X_jECKnkzU_TtXjqYgL3RYX9ZQ5rV61USNW8m5d10SOE_fk0aYn30QncUqxPBZGfNCJPisQ0oqyrlT8e69ht0LofknpT2wKZeZT8dwJvhADtEQ7TOygW5ov_ViPkzs2yUQPIeDHeM4ee29oJgXiNXgUPIN3bngCF8GcGqn9jlBl1bhly1IIpfBhW4eBrwg8OOIf16Cm7eNMlFKXI8BvYRtDVeaQCeoe7UvdGIyySRXO10cHVULcx4UMuBBpHoKKj1xebRtnKIzFporgXQLLa8LW41YurTcUSXFB8rRN3Vvg7mu5gHJC2j452fsF-U7sGOBL7pjDQwnTebB60QIvCbvbhiG1hhMV6UObKqhvRmfnxaTZLI1CCIAkvjww_OX7c_4cQYGpWzBLVi4lbYhK5shvdbKxSNILFgqTcSDSQs49690r30bwNhKNPmqHIkE9GH-S7Uc7ayko_r91Pxr96u76DHgvRbXmBLT1jjH-alFMxz0ueX3LkJ5hn9w8GBIfsWsb7pZkUnSwRJZJClt3KpJotIIXnPPtIZClQle0YudAiyHCxyXVX0VAZgkBL24BORbMRjkih91qlbJXgx1vI07DKyvqf7jGRUdutpuJM7Rh4gga-u1E5CB0JGdRO1_RmLiclCAOwZ0n3aBx7PQUE8U2yn9V2h_fz1qyls35i1ET2q1hCruBsgpRiL_rjUpi7oPY_E_9YCNo0sJr6KxcbUnD-jzDljsM4OUlgZKRwUdgRhKvS82Y9U0IaeniarKYop-rJjyqHNvw7FdwH84zjxEcVIX2p7qO1m2_TYyuHq2kdEDEpHd30k2_t8DbEzTZGPU27qLNH2v2-K8eJ6rkyyLrBkF-hljWQTR1kNiePlicCChMviEJUAeaWgKnpB2PtAptDxY6lSu-F7tS4rBH-qAWsFJXBzKD9pEc1tkpbXL-9dyV8gSGKNMsfzK-UmFUAcxYIqldZwOT4tH6q74jzKmI1fk3u3Yv5qbrOlNumGHndZJo7H6aeL_BxTyvj0XZNKh0_zuZSoml_SkR9KHpnjhsxQkCIAVey0UFfSjpbYrdu30kW8ZBXlea2EADvjsiOula9E6Q3b3_dOuEM9gFllY98XpOFhF83XKnCOZRzFnWo97svsEFxcKhJX0kzNLChJUpxsw9Ep0JbyNe02F1nSUYybZWKV0udB-w75DMuXGq7FemaI_9EHbn01z921oiy9VB7kpvTFJRooKI2uGLQlXMSVDOiy-dq9219C-eX1Sk8zMcN19iMZu3qt7PDyfA3vLL7mUs3tEMyymrTUtwdpe6g-FD1C5fbYRsqtelsuosxQWQGAM_I-hM0azMz1R82MgYU7Ch1LMroLvjN3bhUsaMu_DQyCvytpMrgyTFA7t-QThCjybGjTKW_4-b2IrcRMagq_sedFmmRL0Wnu-mrVE7UrOdgVpnYVlL7XbLHFTK_cO8oG6Ui8u7EHBSF17Ydqpa67ZxJ_nmDB5IjJSgd7R_HYR8iFV__fg7BS24ZxLeUJNidTdSLP_j7EYwEy2tIuwBv4YqItrQvtsEWW4rUXVfqe4tXVu1HmgW9Z0kjXXYrnArSdo8NcBQDeD_ZjU_eHcfa9jOgd8d40McWppXFahbUfX97bQQeJGgKzHqcEBMTpU9v7otxBU7Js_Wqtt1NZYyxxj0muShmfR7KlCSjRCdotbY38n6WnQdpJe5p6OVX3FgkSRw_oVXdt_1rg_DgT07MHn79Gzeg2VGgB2tFSMWDWlsvFy6hWC4YuQ_EYi6E5UriHNiO6p0pAUTNaXIISiaSW2s0WRTEqell8N5x-FGMqHHEdKBcbxhpCLgfuEjnNQEU1Ys5SVjYU3C5N6HLiPJ6b7Il-7oCxuVvssdYttENQARlAFKskxT-Uuy65Zedvwa4FpEwYIKsbQ-avpqMgCMMoXTigpc4KsK9sWaun1Ql4afgEjJQR6A_g-Inqw5IZkFDHtHox4Hc-hxzJTbszILMr65mjIShYV4PIji9ymQnPILIDV8cCFQAk_pEwGPPrbew11JseFPqAzZRT_aVewxKTBwO1lhzxDYoZVdNqIw5KezMPr0Ki-O1coM3we1WhKtydLK5zzxgowiY_MHz7FidYTgzEmlIpnGTZ4CiOx0Vy4VKGzGRgnONa96siIOwCaZd588tpAMoD5m2PpGGHuz2-x4yKQSUQaQ--4Fd5bKGhz07t-i37UZ6hlwHTBCfK86nZhBZJgDGyazqO7Aueid7ce_Wb_iYBYrBmMbi_IPM8akG6yU51bsgjPkyi-JkRLNv4TJMwUgualt0ZadQN61Amur5OEah4sLDsHqw6ktISgGRCz8q2ajtI57PuoC2l8oVRi1sS8Q_OQDIHrz4T8RzpmBEoSexH0CrKSQ3cA8AxsgNOgpta4KrBs6qH-4ZJ-T8AMn6QxEAetI9Yeccnc-HrFqpHaOgas5UmMrHq0vrlVbNiAOSN9j9vVmi7N8hjnzZHBTV6tVrsMU3CG5JA8H45oXFzLvmJa1BfiIHOsoeZ8d7oI3nBnng3BEypQmJ3pzefHB5ZavgBNPQ3HHWEIjh4qoyueExxQ8vQXqpjxOuGp2FgCmEvfF29t43k0LOGDdAop48SCnXmR20XH96pnZyKWfvErikh_77OamfutQW78yz4huw99yFMPmT0bXp0RGFFDdlKgt7mmaqBiWjd-2Yn77Qr4baWtI8Utt3dthQTkv6QBc8Pcj02iln6HBViVw3yUinjBZZvGw4qBIuLGmz3bxZ3-eCYff2D1YVtPi-KToduEo4lfb2IBr-N1EwiI9MAydoAM5YTRfi5Hmym9r5zojVQ5J4-ZhsEPFwo634Dg1kaVCujAYOK9l_8PgF2amGZv2hUR55-4awTTuA7JluQLa2yO5GRYpS96Z2-2crYGr90mHJ0PvsefdAL_L1swsvdx4kHvWNy-8MMyVL1L0nbklF5xC8z61BPoaHMg424PabE3XaEMPRSW0AiQpQq5VconDlsduq_M6B8kTYmlK5gNANTI45qZILjiPqe1KP3Cp5p2pUB6hZxGXJuLNKXVh1xjTAkcrR2nUnQE6c-FoWFylm7ES4S6j83exYgcM1AAbDCat6xDsYw9kycY5E_-ByTDdaubKerJHOvOpm9fRRP5wVl6s4LSCfHlA73i8es7735i43ME0WbPkeDfr6v3nAln27PdAH3LkQPg2NX2zPkiD39Z7NqRU0xKKoYfDiey5qfHVGAmnXXlNfrnTlu3yn2aoyBYRWghWUfNNsUYgWFyiDawhtBZPTWPefNUPL1O9eWDDj9OGa4_MiywKOPZ-hTKxN_D-i4GXqIj7gn2kK1XRs81UIggi6xnBcaw6fUtD98qUWOhrD9YyI8Zt-XcAPSUZwxxH2xmld4CJhh_xYrLHdmUu7hMsJYP6ljzRYhSq63qnZAguPbzy7C7GahyM_Rsxix7txlDLUnVq7bObrpjgS6OZN6f-zimoBAN3dhjXQQWnEk5nHLcxtvvViIQ1WWf9hsEuigQTJUpW_mGgH4kCvst0182EeuvYVCUgyRIWgsgzI5hfDSwJIMGbci96t8Bj9URvTAqtUppZ1kXrdRc85fwkc2_RbF86k_FDjpiB7Tmpd2ysvoTwNMdqMBLDtYyMyxuY4xfEZL0wWZkfDoIBkG1ZdXFSKt7rndKfnyrhacTqmC-WDxLAdG6rK54UYMybGHXke9UG6_Scy0irl0PtdmAe3ieldRTNI0FxF1dJKnsx1zLzVI-o4SBtfyeW9syJUM_MYEmtWHtku-HTjC8zGY8p3awl1vlhVq7D164oQc0Xgoi9uGEKL9oQey3X99YYB0KcamItQV6YeLFPw8q7pYznSOvFOjQC1WMxd&cid=CAQSTgAvHhf_AuHyxC7TrG1V3bqJXYk1Xo_yjmNe9jILfpid9iSCV2trgp7Y17Uf2NL8iHP0hQH-ITVxM_gunjjx4pew6SRNUvMisNakeKrU6hgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

94367e0b9ebcb40d409eb96c4b7a0fd4f7f90fc25eafc684af577a8c4a0c1791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16286
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame CE93 50 KB
19 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:08:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:08:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_cver=1&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKW...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=a7fb86c4e620415&is_secure=true&networkId=14000&version=1&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_cver=1&google_push=AXcoOmQkqe3bY...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABvNN93cGVrAN8fFosAAAAAAA&expiration=1707171042&google_cver=1&is_secure=true&google_gid=CAESEM0_Bmh0re6tZ1qkguFBG...

170 B
188 B

87ms
86ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABvNN93cGVrAN8fFosAAAAAAA&expiration=1707171042&google_cver=1&is_secure=true&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKWINo-Rd3XPecZxzz5X-9x9_HTf8rDMYfJjbzVIy_XS7kSxMtM

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAABvNN93cGVrAN8fFosAAAAAAA&expiration=1707171042&google_cver=1&is_secure=true&google_gid=CAESEM0_Bmh0re6tZ1qkguFBGZ4&google_push=AXcoOmQkqe3bYoLBUAZ4jmq16cegjichTeFMRkOXyffAC9dYvzUzGKWINo-Rd3XPecZxzz5X-9x9_HTf8rDMYfJjbzVIy_XS7kSxMtM
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkFyMllTSHkxUndLSGc1&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCzt...

170 B
188 B

84ms
84ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkFyMllTSHkxUndLSGc1&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCztcZi95cKq19mMLgFpPkCpE9uo6ubH3v0AZCDOs5AbQ8pzF-wzgI54n6OoZ

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Feb 2024 22:10:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-09517b2d87164a730@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkFyMllTSHkxUndLSGc1&google_gid=CAESEHcdpnMLv2ATHhrY_ZSICyg&google_cver=1&google_push=AXcoOmTlDaVrBAgsQ2HT3COfDdQ66eJ_T3fQJFTXqRdFCztcZi95cKq19mMLgFpPkCpE9uo6ubH3v0AZCDOs5AbQ8pzF-wzgI54n6OoZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBeekySsUod3ejSLVicfMwA&google_cver=1&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUIXj2zWGs8-ZBLO5Q0Z
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8CE9E339271458FA34B23EF8E70D51E&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUI...

170 B
188 B

89ms
86ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8CE9E339271458FA34B23EF8E70D51E&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUIXj2zWGs8-ZBLO5Q0Z

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 04 Feb 2024 22:10:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8CE9E339271458FA34B23EF8E70D51E&google_push=AXcoOmREV_Ol6stKEpduW19J7St43lYjFvtFON-fnGrZYSV_wAu1d8XlxSiSkmlv_cXb2Hfm7Kqh-85rE00RLUIXj2zWGs8-ZBLO5Q0Z
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 03 Feb 2024 22:10:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM4C9O3eKVq4KtCbJV4rf3M&google_cver=1&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6Da...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM4C9O3eKVq4KtCbJV4rf3M&google_cver=1&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4T...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMDg5OTA4NjQ1NzI4MjIwNw&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6...

170 B
188 B

83ms
82ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMDg5OTA4NjQ1NzI4MjIwNw&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6DaQ1Vjh0kBfT9XV4O15ZL65UQ

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMDg5OTA4NjQ1NzI4MjIwNw&google_push=AXcoOmRwWT87rx_pftCuVgtIR6rckX-9VaLKFz7qeOf9NfD44NBwxSYmPSJb6_VlTtmtfSvLU4TmE6DaQ1Vjh0kBfT9XV4O15ZL65UQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEPnHzRaxu-tLASQcBqls42s&google_cver=1&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS8CGodZU5hmw&google_hm=MjM2M...

170 B
188 B

86ms
85ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS8CGodZU5hmw&google_hm=MjM2MjYwMDQ0NzQ3OTYzODg0OQ==

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQkOlbJs_HoUH-gQqwpvdD9RmzfLTQUVyCXQaU582A8m8UKJMQkqrWUa0FqB7OS3dJkEWMnYQhXSH9ZC8rWAkbM6FS8CGodZU5hmw&google_hm=MjM2MjYwMDQ0NzQ3OTYzODg0OQ==
Date: Sun, 04 Feb 2024 22:10:42 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 302 ggl
ads.avads.net/sync/ Frame 254E 0
80 B 443ms
138ms Image
text/plain 35.205.207.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avads.net/sync/ggl?google_gid=CAESELK0zuFnT1H0xCCSW6M3NKY&google_cver=1&google_push=AXcoOmQthI4GA7DjrVsZhGXqjw83Btgd4-dVQELQOI9ZkX9bsN-MpyVVBaZmlUXkRIgpiJIOOG95zIAISE9YN1jbMAazBCzL6KffGZuB
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1362911606480008&output=html&h=280&adk=1626564692&adf=333044141&pi=t.aa~a.2072042287~rp.1&w=470&fwrn=4&fwrnh=100&lmt=1707084641&rafmt=1&to=qs&pwprc=8411997553&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084640766&bpp=2&bdt=1756&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c874747d4a759b1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g&gpic=UID%3D00000a0b6f87e300%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA&eo_id_str=ID%3D51c6cacc3a7e2ad1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DAA-Afjb8G9s-xFgzNE7EHffo7m2T&prev_fmts=0x0%2C490x280%2C434x280%2C470x280%2C444x280&nras=2&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=519
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

location
date: Sun, 04 Feb 2024 22:10:42 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 254E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEISBJyihwd4U...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZmZjZGFiNDgtZWNkZi00MTQ1LWE4ZjgtZDA1Nzg2YmFlYjVh&google_push=AXcoOmQDoQDPT3DsYKsrfKezJw6aQTMT4Ff7CZzy_5kTXjlkB_EM49L9nzuQj_zb18JrI...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

72ms
72ms

Image
image/gif

23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sun, 04 Feb 2024 22:10:43 GMT
pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 254E 0
12 B 84ms
83ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOoMhkFuebuDpQIM2Qj-iWh2pADUZxhPnzxcvDEi2KFd_gfFlHvnnzR2Ah0h2GP3MPCEZ0o7f2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2FF 0
0 102ms
102ms Fetch
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtGduYQvAZc-kF8ydvPIPwauVkAXq4qa1dd373vCTEmQQASDvkYQTYMmGgIDco8QQoAG5qtm8A8gBBagDAaoEoAJP0Pg8jT5uqAAQaRf_Dh42MJfe0GzV4MoRcVIiPyBUBcZFvUoVKc7zXN9FfY5jXBYdeDezDvlx7k58DHg4SRsdTthZ1A8XKP99UbMM_D9OovhxI_BiNjV820M0XQAcp-4uMFG1Ortxb2lzNNZRSfwSgPJ13bRsDsPW6dOcABZE22_g_CNeJgPq8lFFP1ZCVjNO39SiNd8FfW5vDnqOeneBcNxPUuONsBOood3YxtRXtTzyP-uX25bpsAYbv1YOEiKD744g_nT-LVElbK5eMCDzEpX7HRtFPaQjr1zj8lS3xoFS-uzrSMDpoYhduxBhBFQxoIzWezTCGpgiKwBJhGYmFHApWl0E5nhnvOevYvDdMePAhTBlJ47NiVFPaU2BXdvABIDt8s_lBOAEA4gF-NLEiE6SBQQIAxgDkgUGCBsQARgBkgULCCIQAxgBSIvClgKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB6_VpkOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCOxBgYqMzWgwLSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WJb-me3ZkoQDgAoByAsB2gwRCgsQsIHhgO7-5dfLARICAQOwE_qhsxbIE-WcneQD2BMNiBQC2BQB0BUBgBcBshccChoIABIUcHViLTEzNjI5MTE2MDY0ODAwMDgYAA&sigh=6-XHsCDBdww&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_nJOWM-vIdt5ujrLvkOHLAxgPFuCxecfz1hMOQYIvD2GGSuFuauxrF-JA0IWAAM1Da9KEQU5iGAE&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1362911606480008&output=html&h=280&adk=1626564692&adf=333044141&pi=t.aa~a.2072042287~rp.1&w=470&fwrn=4&fwrnh=100&lmt=1707084641&rafmt=1&to=qs&pwprc=8411997553&format=470x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084640766&bpp=2&bdt=1756&idt=-M&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6c874747d4a759b1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g&gpic=UID%3D00000a0b6f87e300%3AT%3D1707084640%3ART%3D1707084640%3AS%3DALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA&eo_id_str=ID%3D51c6cacc3a7e2ad1%3AT%3D1707084640%3ART%3D1707084640%3AS%3DAA-Afjb8G9s-xFgzNE7EHffo7m2T&prev_fmts=0x0%2C490x280%2C434x280%2C470x280%2C444x280&nras=2&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=565&ady=1213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=519
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame C2FF 0
17 B 126ms
125ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ls824c32&c=5885781206651&slotId=2942890603325.5&qqid=CI_Zmu3ZkoQDFcwOTwgdwVUFUg&fb=outstream-lima&vast_v=2.0&vmfc=14&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C2FF 41 KB
15 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:25:05 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C2FF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

525ms
63ms

Fetch
video/mp4

2607:f8b0:4000:47::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E65A63DFC9165E5D685B055CA68421697C4F83E.0631764C397F00DECE39558D2C40B2BE5AF3FE2F/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::11/mm/42/mn/sn-q4flrnek/ms/onc/mt/1707083622/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:47::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Sun, 04 Feb 2024 22:10:43 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8613486
Last-Modified: Fri, 12 Jan 2024 00:06:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 04 Feb 2024 22:10:43 GMT

Redirect headers

date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E65A63DFC9165E5D685B055CA68421697C4F83E.0631764C397F00DECE39558D2C40B2BE5AF3FE2F/key/cms1/cms_redirect/yes/mh/hX/mip/2001:550:1d05:1::11/mm/42/mn/sn-q4flrnek/ms/onc/mt/1707083622/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C2FF 453 B
478 B 77ms
77ms Image
image/png 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1362911606480008

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 23:00:42 GMT

GET
H3 200 car.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 19 KB
19 KB 71ms
69ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/car.png?1699369494953

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1362911606480008&output=html&h=280&slotname=7961270948&adk=2898237021&adf=1848691050&pi=t.ma~as.7961270948&w=434&fwrn=4&fwrnh=100&lmt=1707084640&rafmt=1&format=434x280&url=https%3A%2F%2Fafkaralkhalij.net%2Fnews9260.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707084639502&bpp=2&bdt=491&idt=590&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C490x280&nras=1&correlator=8487466843469&frm=20&pv=1&ga_vid=804276535.1707084640&ga_sid=1707084640&ga_hid=1342784466&ga_fc=1&u_tz=-600&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C44809003%2C31080659%2C95322195%2C95324020%2C95324155%2C95324161&oid=2&pvsid=3436147514831985&tmod=1712668158&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=595

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d9d9037508e57d94da5992c94ee840fe70f155cd0a834d84dc0b3a7a5503de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:39 GMT
date: Thu, 01 Feb 2024 09:21:39 GMT
x-content-type-options: nosniff
age: 305343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19879
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 8CD3 0
0 103ms
99ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvA3mRmaXPbmJIb1757SOQT28mCtCSqDX5aRwuL0BXTqgeyikkrFsdXJg-E5Mf4UyPGyPxbFDne4IqYLM4kG0oKrf3ovk0ZfBtXeQp7P2N4JReR5GTVIwPpqLSn5EDh6UmIYCLYlzewdkhUOtEQF2EU_3TAoSFWhcTAz7_z9cv8ls0Z1yO6BNMc7mCDDAtepn_swq-PrPYocRwI5RSoizwk_sUlc3dn7Dj2vSr4Md3hTdlKyF216PJdvdxR1EAW8rR-jncAEW-h02JsGK-8bRIFDwk0UlSqMDxX7Gt_RKs3eh-JXrk7NIAXQ3Z0xJ4qcDG8x5wTFXCxNG3Ur6QfWpn-ACtyXAsNC2VwA3FsI0euVHF_K8wlBVJ_zRn-5ZisfMvqgYNJsD1XlDIYPJNAPuBgN8_w872a6lPsF38_gm2nCZZsd2bdbMDMau1S7D1jUvJVxkHfLHbbeTY7_IrKj7bwHXuZx9byhHMd4j8WYVPHwYvS1VxkxOjMFJpBRA2iJ9v0BKbE_0LETFyEk0GAR1R8M3gziNZ1Jvtw12PnB0CJNQONDozOrf_bzoqFuBc6V0dApjLwyhFHUvv6EbyJB0DPOiw04sSCChOiH_ZBy5KqPLGscrr-UBhVA09P9xvDwgqulI-Q1Nh41Yjlwrp_HRmBIUxutVjSJFJhsOPxmQi-HaJ_ACALKvT4BUezAyubhapu--R7homD4ZNpb5LPwOAAs_p7tXRXUOMkttSO_e5I2aTLKAQcdLgsOOucJ5j5Bpo0HHh7I_Q1R-Lgi9AUZp0tcFXmz2975YvpCY8PidhXaSBK7Y29agXBod3EfGOHJJcvBQl4NlIg-dnFEy-vRzRSiiuKuW33zRRrn3Y0tC5WGYUQdJcARGXgZpMLvmwOOxHjXCM0rp9NfHxXOW0JIZbQpd9d4pFpIlExZhO5v3eYsTYqBZ8qB_bJSrPBFpZUMD07Poc9W9HtQKl70a6-v0k0DRjOwVuMNZJqKOlbvQQFVvj8TtOglmshroEJXCkLCXSiZT04R45kzLJ5mr-i9LXk2FNakfGO2C9E7nmkh5epSqWQUa7noNpROp7CSxolRDNQIvsk9qgMmucr-UIYbV2iz7TSDo4BSLeF6g8alDEh6AnckylRjVDqyU2sXhEXnE-W6UNn83zy1dR-ZA-4no148GYsjJlXmMdfuhb1M3RCBEdwTwne9yhWDe7FY8-tqdX5ICKRXOdGQKnq60V1J986m8iqyQwnMapFrCV2AsGKIHgBB3v1B0gDH34FQ1WQxbTrjFOV1tqy2mivsL6v0qK93shjydW8fwFAmSZt4eamVOTADlvv2umUmC3p2thHVxhVlctX2k_J_yQHzUxYfh8qRPDWfOhmcFGtET4j-7-Z6o3xf-9t0FoiaV3BOZilOJq0E8NRFRfFGghud9bzrmGF2LAk&sai=AMfl-YTzhbbuuNy6tsGZ061ocEpUbyDs6dJGbP_521qkVNp262jjRkuMfaSgFdVVolj9UdPaW-wdhOc6nqlY1Vbb1_XsRM1lx0HMZaGD_2ZZ8YJTNderdsNs-Dya8-x2T5phWXOWChATT2Ps9d3Fk1NX1dwCXhPOVCoWTL89Yt_jd7ZuoOvA0YahDO4C9IDQVtGH8hCxu6BdyxiX3SSZqI8VDAWxWx7cDWLWQ9g5qouixNT9I5ii3ICHKm-89FctZmSg7EXYgDPM7B4apt4A9GS8NfwcaDz0oZ0V7usZodrvnkV8YBFex4msyW2dmI0ZvSgoCZAgLoVKzth6m1svXFEIvhXgzfCZDXbrVntidgnqGdoyaF3Gtw8Tj6NvlJLV_qGjsbL8trjCFCNTLpM6qJNZDRb9E4j7dlglrXZkUgwHob4bHTRZKDT2VacYQHR-PEb4tTAV0PHDt0J3R7EIwvKQmxfoWZygocNRg-zgauv-BDoSGjYGgTpzUtDWaU1pvG4wKBvmDKbbFLBp&sig=Cg0ArKJSzJ1ggGGF-C8IEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9leHBsb3Jlc2V0b3lvdGEuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1684&vt=11&dtpt=831&dett=3&cstd=843&cisv=r20240131.90276&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: afkaralkhalij.net
URL: https://afkaralkhalij.net/news9260.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Feb 2024 22:10:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 93ms
91ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144a5224e64f27b71cf915d2acc94dd4c380611eb752ce29ba195bc340fba351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12338
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 7FD6 0
17 B 114ms
114ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ls824c6a&c=3154297365254&slotId=1577148682627&qqid=CNv2zezZkoQDFT8vTwgdicoHLw&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r1.6598129b824699.15202001;cb=%5Btimestamp%5D Show response
rtr.innovid.com/ Frame 7FD6 11 KB
11 KB 324ms
113ms XHR
text/xml 2600:1f18:445b:901:fb7b:a553:bc85:f072
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtr.innovid.com/r1.6598129b824699.15202001;cb=%5Btimestamp%5D?gdpr=&gdpr_consent=&dipn=deviceid&deviceid=[InsertDeviceIDHere]&ivc_deviceid_raw=[InsertDeviceIDHere]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:901:fb7b:a553:bc85:f072 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 1c06a3138ca6e0b41c9d3c466cc80393f522d212c641c217fb9cd6aceb884d95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
content-type: text/xml
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache
access-control-allow-credentials: true
content-length: 11138
expires: -1

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 2 KB
2 KB 74ms
73ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/cta.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b896cd0a01ea09e1d49b1cca294ca72d90b1385fdf00b943b6f8d6250185bc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1689
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 88ms
88ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 22:10:42 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3A5E 23 KB
8 KB 68ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 306135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:08:27 GMT
expires: Fri, 31 Jan 2025 09:08:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DFA 42 B
64 B 143ms
142ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnLWU4GgYhoZEKzxdqjtBgmjM87lVDUDZCwRx6YYLz9nz9o5HP8AtctNyH23PcE1R4CKC7046K5Xk_3rvbF11hb5NWbvCGc_X2OnlO_CRn3DHSFTlIQkljWMTPsY3nqKXVP26L-xAP3gpL4IpK3D2Gb8QY&sai=AMfl-YQ6k0Sf_Zm_5O9qE-1opyPjCpIWe3RYO3pcCIpTu85L7czO2lEd0jG3wbwOzfaFzU30KYoLFpNlHkuGFFEsxeSrs-lPSwb4hLDjXgxfjOHcD19eViZ2_3dF8soBO6085FN2qGRdNqehC2Nv-YOf&sig=Cg0ArKJSzOBN8-pHYjnxEAE&cid=CAQSTgAvHhf_jLvaRB9ojAdLOhb8LfMjFBjvi9tlj0ibcebOioxGSen3DZ504155EonpvDVGNMMTj_FK2aER-BxfqaUXwyyq_rXgc1KGZTzXuRgB&id=lidar2&mcvt=1030&p=0,0,284,336&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20240201&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3278687367&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=301744100&rst=1707084640653&rpt=1138&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 h1a.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 1 KB
1 KB 64ms
63ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/h1a.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6582865f4daf9c82c43c702ea54d8713ae31f24f2915060423c8bb2423cc472c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1457
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 h1b.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 3 KB
3 KB 63ms
62ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/h1b.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bdd9a6fed6a50ac7a5d666d07530ad601078ec01fcb6814317a9a4813a1ec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 csi
csi.gstatic.com/ Frame 7FD6 0
17 B 116ms
115ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ls824cc5&c=3154297365254&slotId=1577148682627&qqid=CNv2zezZkoQDFT8vTwgdicoHLw&fb=outstream-lima&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FD6 41 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:25:05 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7FD6 453 B
478 B 63ms
63ms Image
image/png 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1362911606480008

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:42 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 23:00:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F69A 13 KB
5 KB 63ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 7142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 20:11:41 GMT
expires: Mon, 03 Feb 2025 20:11:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BB63 829 B
1 KB 230ms
84ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f75ebf9ad56a15b5d1a2069606626e64a7bb1e23daf7b3ad91d569c2bea1bd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-agRj1q_cE59u_eLThUqKOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afkaralkhalij.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-agRj1q_cE59u_eLThUqKOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 22:10:43 GMT
expires: Sun, 04 Feb 2024 22:10:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 contentadxxl. Show response
fundingchoicesmessages.google.com/f/AGSKWxWljyL4CHoW8KrTLyX21MJ8vzurLTkRNls28VMxF4s5T4CNbiPGj4caGmYQ3p93ZEQD9xnABji6y7TYeN2tii1malyDUqDzKzD0kIz6zn4TC70jNZ6dDjdQpUWclENElfRqUJrh6QE75CY-rA3VhELHQ6I9v... 54 B
110 B 91ms
90ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWljyL4CHoW8KrTLyX21MJ8vzurLTkRNls28VMxF4s5T4CNbiPGj4caGmYQ3p93ZEQD9xnABji6y7TYeN2tii1malyDUqDzKzD0kIz6zn4TC70jNZ6dDjdQpUWclENElfRqUJrh6QE75CY-rA3VhELHQ6I9vE_iGhoZMxAk9T8hsIcBFugCzRJFw6DK/_/ads_new..1d/ads//adsAPI._ads3./contentadxxl.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOHLYb6NgJOIaPTH6d9W4NVL5YRw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29f04ae9cfbb7db4aee606f26fc74dec128051808af9e6e0980f07e91eccc787

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9Py7PwuU5XMPZSV2aYszIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9Py7PwuU5XMPZSV2aYszIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLmeDytYR2bwIbHx7wBMMhTbA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 21:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11399
x-xss-protection: 0
server: cafe
etag: 11747613320577944511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:48:19 GMT

POST
H3 204 AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 218ms
93ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UiCL52U7o4YwkvjuxjaNOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UiCL52U7o4YwkvjuxjaNOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTaDj16sORgDrbyKS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://afkaralkhalij.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content 19_source_186144_969788.mp4
s-static.innovid.com/media/encoded/01_24/696253/ Frame 7FD6 31 MB
0 345ms
66ms Media
video/mp4 23.58.91.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-static.innovid.com/media/encoded/01_24/696253/19_source_186144_969788.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.58.91.161 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-91-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ydLsGYiXYNhvDiJR8G9s.TZvX48YC789
Date: Sun, 04 Feb 2024 22:10:43 GMT
Last-Modified: Fri, 05 Jan 2024 17:02:08 GMT
Server: AmazonS3
x-amz-request-id: 3A3PHXKXJHMJ9RD0
ETag: "f4fd6a9afdedc9f32ef332958a2c45e3-2"
x-amz-server-side-encryption: AES256
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-37903459/37903460
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37903460
x-amz-id-2: TYNMuVqQPOl5ZUx6qH0RSZ8vdZW3+sNvBMcYg8BWm1885wQ/fsN432vSE+uKEtfp8q+SMQ6DO4g=

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CD3 42 B
64 B 134ms
134ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPwLYHT2Av2_HV1wotoUStngaWmWlXVmWGHdj39A8-2JHsHa9hlSGrbFgc6-hgRLw5FX_VW3offLhyhgSnYsmQpRbi7CNMQNGbLlb6EeqDQEdcgO9MGL3yAl2RXPXUKKB_sNYwFWiTmJ71Dks19Y5lGzPU&sai=AMfl-YSb0NHoiP6vKzXfiltXBQ3HrHCX0ZGhJeEkbc02hdYh4XBvMhPhst7vAq-YPdkAQKUyJ8QfzbZcUlCNEe3uJXcDNqn2PlVBm-ZM96UMYJELu377dXh2DOprsTpBerDxCaAltJWjl6WgvjYC90jslw&sig=Cg0ArKJSzB6j7nDfn-QqEAE&cid=CAQSTwAvHhf_meR41p-pn8MiOfvjNYogRdqEHsokwJqMZlo1TYTex4m9e-8sGZSPaX7m52ahwszndwPfUp1fBI_FQglsncl9meNghy95qNhm4IkYAQ&id=lidar2&mcvt=1031&p=0,0,250,300&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2898237021&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=301744100&rst=1707084640945&rpt=1063&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A5E 39 KB
15 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 20:11:42 GMT

GET
H3 200 h2a.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 3 KB
3 KB 63ms
62ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/h2a.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad326552bd49129d4b31eb7766698a92950f23c6fbc80b401c893bf157c649a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2751
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E85 0
22 B 96ms
96ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_eSWYAvAZeWbCt6XvPIPlaeKmAgAAAAAOAHgBAI&bg=!UVKlUh3NAAa8BdJLnAU7ADQBe5WfOKmEJgpUgbJJLZgMtq8S80vlRjET7syLL5Swf4kPXLNrTpldDWk-Wp6tiesfrG-UAgAAArZSAAAABmgBB5kDEU-Zfc9z3Heh19q7pP0RuMBdsuSXWj4p1IgYfX21Qby44sU2lH7QpTtxmcI4ul1oG_OQ_ymf3EVzvS9c5NwPeCBjS1pKMBRSjLiVF0vbf9pN7DZq5-SwIv6XxZSRFYBWFet_S9puQ0rHmp4TDtGMYfaFWKAmRrxPtR3tchgdXzvUZeFg9GM9Eec-yWVgMfjMJXR5JqugL0qzAe6nVjJ229s_WvAb5U2vo3nPQV4_uxB4rgeoQLrVmxUgEm9BS8MGrOlcJpbiMgrOCuZNSc_QkHU3viJWOg3r_ReQ5adh_kRM8GOt7COph1Bd--s9vVFtU7YEef1W0BqKiBzVG_tPPMULH3vj4MAFhdwAWaOvKcHc7AqhtV7qpD9R4q2YacPlAP4uPT7XQS3sw4HdDqkEY3nxMkv6eZ-h7NJrrfm5emXDV0UoMKZvdSXrPT0XR2yyn71vtjzKGITSj1DtJKuupIMkqVOK0feCPUxgXgKnOT2Axz0uEMV3cDhi7hl49uyzGbj46TLiNlj4PlIe-1-JwKgBPItMn1P1TyBjEstJBsSel2m0m31vQUQgsx4lumc0KpPYvfWLujvSSMxOHtcu3pWTYkPnmUGFGFK0YmnRzS4b9zKep1l7OrBwnp2loXTici834RpTW9kWrxij8x-p1LjYpQBw9Umh07ftI1r4D8XvJI5jH_QRUjhqwXRAkoGNq4I8PX-Sd8hRu8E0YkJ-Tzqe4JoHdVph_46_UAou1sfhv6NVXWNP75FscOjGWPXqjpVeJG3yd9oLbBzLNBYTj2bN5kHEqaH7LdN8M4YIxbvzRM0Dba21o65hKQF-JYE1D059QvxHxpR_c__jSO3UaB1-7ZNgCGcu3RyXduvQ6RiOpd4NWmUVPCObWea1I5euZaHs2VH9Rcfbfjr4lulxdRr9hgZRnRL4BqvmrA1bkkDrfZqB0EoROrkr8dcqM_YnjEMVSlXEiNyg0Ka9zFlYthG-YUkIfiyNKcNTHvr8aqkDJbhATwdYWloPgEHuPjB2RrnXt1Iq8hI4RIoChRWKLLik

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8F0 0
22 B 96ms
95ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BV29EYAvAZamZNoTsxtYPl9-X8AkAAAAAOAHgBAI&bg=!e3ileDfNAAa8BdJLnAU7ADQBe5WfOPNevXC0IJnwTyY8nuFxdAxHgJ6q-3x2VghTtdlzo71b0x7UEFJpg3qkTt7KsLvmAgAAArNSAAAABGgBBwoAR_05y0mTBvxcWJ3AzE6ixJQlypJu8q0EPUErEaFbBUR-eguhyS2ZifvMT95wGTGUEp3n57JEo0I2Ii3JkwYhCQ25r2aYhPrWmQMH888-3KWoBYDWDEX2vmwDk3GbUbuqaGfU925NKuywRu__hinleXtmgA0HKROBrMUsjr3V4ug3or3hCkEefOJ6xOgSVBIBNLVQZvdDSX9-IywQXwhLJQpUiZRksI-mYPP05eTtcxp1OSGLND7Ln1yzua_RejeucPlDakAzKqxkbhBffsN57hZXJTs2AiuDi6FzrA_USkeVjcB7tDbnFgDi9eRScCZXGaCPCoruyuzgmvPXiYkvGGtWtna0-M61oCL1FXW_cn10sPaN3CxWWanMxNw4XjeOzhdhp1WM0T-FQ6mCkxxH5J_9HaSvOdici3oYdB_x8V5A2fbboPMnEkL1qYIn422aBz8sEq6iOe1fCAOZwiE9DrkRT9xLoxi-t7PyDia3RQg8oGv3GienBkwIeDVFda5xTR4hcOySXrjPCX1KYUfuJnc7Sx6GxDtG4UbGcMjqbzrIT72u5f8GPRbyLLfMGafqPDwnD4aYREQ2xkvT4RAt9eY_lhc929mctHzgcaadJRKCB_tp-SwjfGuekg4T_O4WRBNuptiq8Xe5TAHkFTj07fXgvy4qB2LUC_mbrdvfc766xrtEm_zUMPP0Vz2DHJrEhxCzeNVpY-RBvkGWZAIGNNHxruvNZ1rFzqGeybQ0i79uW-QR_oNMkQqCmLBm2_gy3frRc6qvvJOwuDvoKZYZ0Rn09nNEAc4kv9FSR601wMQZAf_spnbY83Z6819-ow2qendD8LG64Gy9PnSw6HvNT4v7h0-kmfTqw3CHejU-1AMcQ_y18Uiw7KD10HQCneqQv1YoiSWAVXULS-36kD4EA_rIgQvbVBUkywzaaSmd9N7eb0zbbMmwpC_upOX92nfJLREtfZaWW6Gxba_cmPrV9xNiNoAj_HACy9H6elKXM6OiWIokikFzfgoMb6t_foYz_Ae-yV8pKCQS51O2lwgETTtDJwuaKkWsCGFvqh1bFV4BpETNMGVGupvT3SnjK1EIc58LFxUgAzU-L5vFqdExdg8a56YSpcjLIhD0S8F9sd2TvA

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DFA 0
22 B 93ms
92ms Ping
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3739918579490&version=m202401290101&ct=77&x=1&cor=16229697345826064000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 h2b.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 3 KB
3 KB 63ms
62ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/h2b.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6417eb7ce92c273b3fcce2384d502e1f90bc73b27e3335132c9ea156431ccdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image1.jpg
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 44 KB
44 KB 63ms
63ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/image1.jpg?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dbd1a6c79b35ed09fcab834b712017d7386e0bea3350a9e3d6405ecaee74d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45507
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E43 23 KB
8 KB 64ms
62ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 306136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 09:08:27 GMT
expires: Fri, 31 Jan 2025 09:08:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 image2.jpg
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 35 KB
35 KB 63ms
62ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/image2.jpg?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a205fb56d3b8e7969c2acc247e84d90029517720c5ad54928a4d64934b2dfebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sat, 01 Feb 2025 17:08:25 GMT
date: Fri, 02 Feb 2024 17:08:25 GMT
x-content-type-options: nosniff
age: 190938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36059
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 90ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TG5k3gZisK1u-tXlxfB9eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-TG5k3gZisK1u-tXlxfB9eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTWDG2WNfGQHoHSK0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://afkaralkhalij.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-q4flrnek.c.2mdn.net/videoplayback/id/695741b7b3625966/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3849466057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C2FF 613 KB
0 140ms
66ms Media
video/mp4 2607:f8b0:4000:47::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:47::8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 04 Feb 2024 22:10:43 GMT
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-8613485/8613486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 8613486
last-modified: Fri, 12 Jan 2024 00:06:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
88ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8gyPCQwMeE3J5M5hkmHDKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8gyPCQwMeE3J5M5hkmHDKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTeDD1-9NTADpISLw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://afkaralkhalij.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 87ms
86ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5XGiqnZDSOpsL3rGbZlwpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5XGiqnZDSOpsL3rGbZlwpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTaBj0stmJgDoFSIg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://afkaralkhalij.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX5l6c02E_XG7WlQqc6xXa-M8zuQqD6t7ObbwEPfVUthCBwi-ddX6lsG-T-4yD-kpnn2bvX4Fi5rKoRtB6ZV2-3YVgeSODhocHjnloYwEmqhkpLeCFz6zUNU2hdo0XOjq_u836rJA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 101ms
100ms Script
application/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX5l6c02E_XG7WlQqc6xXa-M8zuQqD6t7ObbwEPfVUthCBwi-ddX6lsG-T-4yD-kpnn2bvX4Fi5rKoRtB6ZV2-3YVgeSODhocHjnloYwEmqhkpLeCFz6zUNU2hdo0XOjq_u836rJA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDg0NjQzLDUwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hZmthcmFsa2hhbGlqLm5ldC9uZXdzOTI2MC5odG1sIixudWxsLFtbOCwiUlVyWkJqa0FPUmsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3130b1388a8dd9d2ea2aa4e00c72f5f63ad34f37f26bc889360b648b77192bc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-teqdXWw4HHywckcyqJDsZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-teqdXWw4HHywckcyqJDsZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxTsIQWEYBuDjyycknVhcymSQic3KZLAoxSCTkiwmWchitMn_DzajsBgMRosSmeQyKHGQzuKyMHiHp8c6MwStHiUa8Cjz3Z7WsIodaANr_5m2UFMu1IRj-kJXCAU0ikC5pFEVDL8rWUB_3Uh938gFQdDdd_rAJBE3PtKC7RnBpiqGXF1wGexDweGR4PFC8BSymuA89FhyH9pJyV2IFSSn4FmU_IXKfsl1cPpW7AWHzXzqNIYmdXIYtOgPdApYmA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 image3.jpg
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 47 KB
47 KB 66ms
65ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/image3.jpg?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0f2bbf23ce5e12917e2e51a01a3a06ed3104db31a7a7f1922f12aa5b1f0275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Thu, 30 Jan 2025 05:55:23 GMT
date: Wed, 31 Jan 2024 05:55:23 GMT
x-content-type-options: nosniff
age: 404120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47740
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E43 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 20:11:42 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame F69A 39 KB
15 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Feb 2025 20:11:42 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame BF9D 0
17 B 115ms
114ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ls824b3n&c=1405604695350&slotId=702802347675&qqid=CKjc1OzZkoQDFRaCdwEd6ZoHsA&umsem=0&ape=1&ple=1&met.4=vil.ls824c0d~vfl.ls824c7s~vfl.ls824c8e
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/76b55318f38568e647e781cd595cf10f.js?tag=video_mra/web_raspberry_ms
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BB63 0
0 129ms
129ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=3436147514831985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 1 KB
1 KB 65ms
64ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/logo.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ba5ecb50636b6e7e1098ae3105b62b4508b42e7b65e8a105914d00faa1c3d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 10:05:11 GMT
date: Thu, 01 Feb 2024 10:05:11 GMT
x-content-type-options: nosniff
age: 302732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1204
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 AGSKWxVKArc2KiUlrpeU9O6_w4D0DOe0p7837ttHvMQIO2PsBm00c63EwibEo0twhOt17oxKzooZpXNFEBdu9KH9kZyualLacXuzMuX8y5OcBNa4W3oefzadZOCBlH2tYVizc00wuaoqGA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 94ms
94ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVKArc2KiUlrpeU9O6_w4D0DOe0p7837ttHvMQIO2PsBm00c63EwibEo0twhOt17oxKzooZpXNFEBdu9KH9kZyualLacXuzMuX8y5OcBNa4W3oefzadZOCBlH2tYVizc00wuaoqGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RP5qKjXY-vsBbt1OO43trQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-RP5qKjXY-vsBbt1OO43trQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTeDD_smXmQDpFyKr"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://afkaralkhalij.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 95ms
95ms XHR
text/html 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIjhwlZdO20KUERprDPqEcBamRD0jGgtUZKOs04WLcbkxhGCmlAa0-jqqeckB-2PBHWsfN1p-NuNL6GvPd2kx9HweNkTt10KTh8uTVU9CO8VYwFisf0oXZx0F_pwE0bAT0b7ssrQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qYqgYddPRBX1Z0bYg7BY3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://afkaralkhalij.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 22:10:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qYqgYddPRBX1Z0bYg7BY3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcDye1rCOTWDFim-XmQDq1iK2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://afkaralkhalij.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C2FF 0
17 B 127ms
125ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ls824caf&c=5885781206651&slotId=2942890603325.5&qqid=CI_Zmu3ZkoQDFcwOTwgdwVUFUg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2096&mt=video%2Fmp4&vs=1024x576&msm=1&aits=15%2C0%2C18%2C22%2C37%2C692%2C59%2C309%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.111~atrd.117&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7FD6 0
17 B 124ms
123ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ls824cn8&c=3154297365254&slotId=1577148682627&qqid=CNv2zezZkoQDFT8vTwgdicoHLw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=Infinity&br=20000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.2c5~atrd.2ca&ua_e=1&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo1.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 1 KB
2 KB 63ms
62ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/logo1.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dd3d4423e89121133927bf3945f6a8e37fb747d63916ed39347b928d8c1f0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 16:56:34 GMT
date: Thu, 01 Feb 2024 16:56:34 GMT
x-content-type-options: nosniff
age: 278049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1527
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A5E 0
22 B 98ms
98ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BVQFCYgvAZaXQIJmWnboPjNSX0AsAAAAAOAHgBAI&bg=!cXKlcj3NAAa8BdJLnAU7ADQBe5WfOA2_-2lLfhzqaHaTks0AuW146NH9_cn40rgHqPl3d4Gt2FYv9PD2lxMVJwq8IVqmAgAAARpSAAAACGgBB5kC8sK7Iz03uXfQCNGwjSP7wSw9xeaTN6pQ_CAVKmToFcYglDr4WshvCE4bVNMxItSfI90OQSq1JL3gUHce-28JjS5K6LZwFXx1lQLuZpx5ltHxe-HJKQbMrFfYc2v1EVYHCjkR29MlX5SS3x841FFwVtUWrYrslU0PLr_UKq0rEqZd-tfwnjKpP7TVntXI_Z6Y1ayBRBJDIqGiL1JPnSZyttNoWaNGxJbqoSY5SRlkqYGLWVdQSb5pZEB-etR0VDU8tML2BHi9khwfLrNX7I5AcQI4IMZWAO6Qu55Q9JgwfmDwQ5yqxdU7h-qHTuCg2zeU4F3IDwJMfioM_1KwO3lNT4LwqxaU8O8oMHo2l_MuJX1Fkot2MEF4xRI_UD75KTeaGXVoXBa_9ed0j0WuA4xriDrMexSY-z_Dqost2yS6Im-WfmgOkPeJpq-jNOSe6MeaDp8g7yGbYk0gwKuFy7lBjCWk4ulXL2TIG6e0vnY7KhltArmH7KfQDpIvmCbzSMHGR5sQcmJ9MuJWpgoPj6kK1zbCyZPAYunpK0s__uvFMEeEBNNlQFJl0giRzHKozLaXbwazsJdLktyF6ywDXrPtnOGD-wy4xk4j1MLiaoXIu2MeE5yhbS8UIMYu-boY8d59XUHnGhnY8GEk8ClzAPXpsZiG3rYwkpFYVghJUwc9TNyBuLn7-SgYSRcIXJhfDBP53VL_p9nBYrth8VSeHYgDLNpZoRDW608EC0jf_hjaeM0h3HyZpkutoX5pPvLQzc1jnxZpy8bt3ME-UNVMY-5QsiFU2fQeIS1AI7xx6xfaQ926jWjEh7_Xt2yKpbtV8-5c0Dz5VDkDsI0Yn4WevJwbEZzqK6LBbz7ptcbzZglnulok57ye8AAzoTQjNgX1BBLWdHCq18FUZ1Cd0bbF0gnNngr73Iv0wDNgdjproabx1AIH4muHfwAJbc1CsoyDMmUlqZxIyK39Httk62VD2taoaq7xD8BHSRqrVsASB6DBK7k8SG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo2.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 1 KB
1 KB 70ms
67ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/logo2.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5029bb9b6df0866823b3bf88daa825546e05656bcec6952c94e0bbd56f493d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 18:34:36 GMT
date: Thu, 01 Feb 2024 18:34:36 GMT
x-content-type-options: nosniff
age: 272167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1357
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 options.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 1 KB
1 KB 62ms
62ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/options.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68629e6f62efd45f17d04f89fff88245daa2abe7c016e454d690284d7ea5430d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:21:40 GMT
date: Thu, 01 Feb 2024 09:21:40 GMT
x-content-type-options: nosniff
age: 305344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1268
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F69A 0
11 B 62ms
62ms Image
text/plain 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HsY4mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 22:10:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E43 0
23 B 97ms
96ms Image
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BjbVFYgvAZcLlIPKWvPIP9vSa0A4AAAAAOAHgBAI&bg=!X1ylXBPNAAa8BdJLnAU7ADQBe5WfOC1bRo4K_2EvVEKyGO43CJxxGeIBz9jloXlwXWNc6DPJRZkoLZOUozgKOVlK5TwBAgAAATtSAAAABGgBB5kDD2TbkICyzPlcL-oGBDlavNgROi9Nz4BgUqcS0qNcNCrgDjaZgzJB3N7MYykjypfiQbstDv-xuLvNQ2Nt_yN7uxAHBwz6VVQP44L1cBLNo7doll6XU3roSuCyaqfNDe_69e6kKduNzD0uKtp3HH2nx4vDWE-wkx3MmKSua_K8axBG9hlS52l-2kbh0O1dY54LdmASmoajdo79dS0vZrTNrI0NtHN1D8Q8rh9KIAu0hai8rxqogNk-0aiho5KnAd47pSU33SDA4133Texxwqk9mYsViYcCRhhaYAa-EmT_zAxu81FWcqhFs881m9HyTxcKwqVK68YI4bli83ajpHzh_cgOF9g2SJHeMuYHhZpxwcamJiA-_a8zrVln57Mr9Pq83Z0PwSy8S6fngP8O1TBHMaEzcJilNBgxjYQdrsD2mcPME1SE9Ln_pZkwKyAYl6ox28fFEagvBJQm09lWZIFmA_m5l2z1IXAwapTsWYgMwedH0mIKvcnCRdiSQaYLV9chKjGdW8LdL5LxgQ_O1e6XnyurhqQl-oW0cGPUCtqvix0QzeBeA-9jN9AN1Sk8LvbvzLrs2c_ExQTHmj5_CeUau40Cm57l0FUM6yI3cdh3CnhTivzTQJmiK6axhQ2eWx_y_yRBYtlVSm63WzkT-Lw62vgWc4WggwoZ1GZJR5jj1gZA8QkptxmR3U3yCk-bDIPKYM837UUcm9YCNaAcOiOivFvAsKu9Tcxy45S7MxxgrLx5Q_-ATIVxh9QWf2S_8IhnYwzIjX50ivUjrI9WJyZnkn6S-Utd9-OW9T1__20EofP7peUu5BS-PsskOTHXbznytrCRx_YYWlgZ0gcVQHhx6X7XryuHoPcwGmi96IFBhIeSv2kp3M4vFSYVyVy-NrwJnpVF51180UQd19vaeiNYV2NJmsDm0VF3jOokU8Y6ifJ4mVpTmvHJpCOQtPoLLvTOVELe5JMMvTCe1Tcm6bnMFQXCWWJDIQT_0SBZ3yhglPDXcYAPubGlQe6UW6_iYkvPALJ_Zc1C53zotSEgJmOOGg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 22:10:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wheel.png
s0.2mdn.net/sadbundle/8199748856208821014/images/ Frame A9DA 8 KB
8 KB 64ms
63ms Image
image/png 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8199748856208821014/images/wheel.png?1699369494953

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa345e51704382116d799728ed3bfbb970730dbedbb491c20f021d542fda2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8199748856208821014/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 18:26:49 GMT
date: Thu, 01 Feb 2024 18:26:49 GMT
x-content-type-options: nosniff
age: 272635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8170
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 19:48:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 Highlander_2024_APR.xml Show response
offers.seteventshowroom.com/xml/ Frame A9DA 1 KB
2 KB 711ms
335ms XHR
text/xml 2600:9000:24f1:7e00:1:2b86:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.seteventshowroom.com/xml/Highlander_2024_APR.xml
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:7e00:1:2b86:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6c28e6eea3607b760821f892b2d4931f50a69e887fa73a5564544a7c8e6b688

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 18:23:23 GMT
x-amz-version-id: kq3W7DjS1mQJy9Ze.oUd4b1FHx1sZO_A
via: 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 13642
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1127
last-modified: Sun, 04 Feb 2024 18:22:21 GMT
server: AmazonS3
etag: "27ab4ef35fbc89eeb908d3af51ce09ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: *
vary: Origin
accept-ranges: bytes
x-amz-cf-id: NxMhAykJ9GAwHnKK-X_9QZOTdk8qR_KHaVDeHUReH-gTkfb6sc5NAg==

GET
H/1.1 200
OK ToyotaType-Regular.woff2
07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/ Frame A9DA 44 KB
45 KB 206ms
71ms Font
application/octet-stream 23.43.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/ToyotaType-Regular.woff2
Requested by: Host: 07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com
URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/toyotatype.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.168.189 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-168-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dbfaa5cf90c9e9330ce0a84e9b797297f6f126e0fd0a949bd9d12a7b591cec8f

Request headers

Referer: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/toyotatype.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Unused62: 8096267
Date: Sun, 04 Feb 2024 22:10:44 GMT
Last-Modified: Thu, 12 Jul 2018 20:05:34 GMT
X-Serial: 4847
X-Check-Cacheable: YES
ETag: 02bb4181de44dac6862495bcf50e1963
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Timestamp: 1531425933.42542
Cache-Control: public, max-age=583
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txb7bad7fba5524bf18de7b-00659d4015ord1
Content-Length: 45424
Expires: Sun, 04 Feb 2024 22:20:27 GMT

GET
H/1.1 200
OK ToyotaType-Book.woff2
07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/ Frame A9DA 44 KB
44 KB 406ms
271ms Font
application/octet-stream 23.43.168.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/ToyotaType-Book.woff2
Requested by: Host: 07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com
URL: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/toyotatype.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.168.189 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-168-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f6021e35bbb925986458d8101e7226272ad1b8f0b6cdbd40d1890cd72806475b

Request headers

Referer: https://07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com/fonts/toyotatype.css
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Sun, 04 Feb 2024 22:10:44 GMT
Last-Modified: Thu, 12 Jul 2018 20:05:17 GMT
ETag: 4841cbe4150ec0c5b031e8786223cfa3
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-Timestamp: 1531425916.94618
Cache-Control: public, max-age=754
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txe9414bca6d46404dbbd1e-006567a707ord1
Content-Length: 44768
Expires: Sun, 04 Feb 2024 22:23:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 150ms
149ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=3436147514831985&bg=!paalpunNAAa8BdJLnAU7ADQBe5WfOBVd9krAhSIuGc2939eu_Z0XvxHdw7ZiLuWU8iR2wj4k0qfaU4jfMtETMTAQ5hLMAgAAAV1SAAAABWgBB5kCwltCcrmU0lbGSDJUY4B6IzyUmZEamwjzjsh8kQRTbxIjZ9PEhfTdrjZ3AGzcCGlBy0RdgNkugfRcH6ABQknwIpCCccL9ej_u-b6h2Sl131CN5UCDCjnKdVbU4aUBWpc7NuoE5leKrzP7MtYIyn_A6ysOLHpOepHbzAYI8AlV4-UsyTUUlU2tIl0LhKcyB36H2WniNzF8TZhXGRiOBtqFqpeWvrF6-g6_J3edKAcaJqPPPtjOnHh0JYZr8qaIDzJYMKDgISA54fZ1X0nqzMOtrEElOdOZ6zj-XEH-tBvm6GIGBPZAvACWsG9H5ZVNczbofGMuBfSP_s3EJeFbMmrNGGthv4szjp5TP0SLyHYfiy0zPuPsehcJ298vCJ6VmM_1njgGq2J9OxCUKOu8LohOg1JZtHfyQf0WwtZHJAArvmBAxhD3CgtX1L45ElM00B-pIXpULxyYUFuLU7UlWnSGTm2QZLNPqJgIoHNPhRCoTUloo0YaqFRuRaJ8_gLv_Tukg7K_3AH8LAitF0kWUVTDFNW26O6vfN7lVhK1Ii7dsLDjJ9P4o24c8kPGMxbkSOOtCakBFHS9AcXlK8qpViwoWTzqcagEZ91Ca_2cxC1bHxZkeoz4dORCnLxJJ86xiBkHklXDXrp7QUPArl5X7VyahLQQql1WhvQ2hA-V1dn8EbHk7DtItw8PAruehUuY7N_ClNwq4FFAK_DPr3GqwiufEJ2EOhtYjEgHVxc-ij5yL7-l1FfgkAizY8upXO5McJ6Ku7u-Mh4hxxN1PUqf-TJ_xXTYGtv5GViENRUpvltdgrcfmYvc--v9HTzx3BM04q49vty_NClPiLgXmKjOqkbxExBYswmr30MWCqS4EXcKtyIeIe_gX1enxaOx7Cz8eschlD1BEpM4AlX7-l4PBhUT4FoUYkjhs9OfOLALtmpHHxh6HiY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://afkaralkhalij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 8CD3 0
308 B 940ms
53ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=2477e1355be048cbbc7088092e82105c&flavor=1&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&prndr=0&dvp_rfrcl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_asmm=1&vdur=320&eoid=29&te_strt=1&te_init=7&te_sup=2&te_exec=2&msrjs=5323&sdf=67108868&vit=2&isvelg=1&dvp_ime=0&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=2&dvp_mpdce=script&rmi=8&tltms=438&tetms=33&msltms=0&vltms=320&sei=146&vetms=85&tuviims=98&tuviems=504&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=1&iscvmeas=570&iscvmvms=1278&msrcanlm=1048968&msrcannum=4&ee_dp_tmads=2575&ee_dp_gmrd=1&ee_dp_gmamr=1&ismms=176&isumms=175&nvr=6&isgmmims=176&isgmv4mims=176&elmtp=3&isbxdms=2475&b0=100&b11=2569&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2669&sftb=2669&msrdp=0&naral=1048576&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1136&isuiabvms=1136&isgmpims=308&isgmv4dpims=1136&ispmxpms=1136&engalms=175&engscrlms=308&dvp_pageEng=true&dvp_dpr=1&vstsz=935&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3471
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sun, 04 Feb 2024 22:10:46 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-02-03T22:10:46

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
afkaralkhalij.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: d477e20900c2a166eafd3ceb0c4d40db
.afkaralkhalij.net/	1970-01-20 18:11:25	Name: redirect Value: 1
.afkaralkhalij.net/	1970-01-21 03:47:24	Name: _ga_ZECV0LCVML Value: GS1.1.1707084639.1.0.1707084639.0.0.0
.afkaralkhalij.net/	1970-01-21 03:47:24	Name: _ga Value: GA1.1.804276535.1707084640
.afkaralkhalij.net/	1970-01-21 03:33:00	Name: __gads Value: ID=6c874747d4a759b1:T=1707084640:RT=1707084640:S=ALNI_MasxT6rRZLVaj-C-8gk_UDA7KdH3g
.afkaralkhalij.net/	1970-01-21 03:33:00	Name: __gpi Value: UID=00000a0b6f87e300:T=1707084640:RT=1707084640:S=ALNI_MYDyHfkKNRwgg1uwjso2trfzBFMKA
.afkaralkhalij.net/	1970-01-20 22:30:36	Name: __eoi Value: ID=51c6cacc3a7e2ad1:T=1707084640:RT=1707084640:S=AA-Afjb8G9s-xFgzNE7EHffo7m2T
.doubleclick.net/	1970-01-21 03:47:24	Name: IDE Value: AHWqTUlmGOGpPgM8z7tWZWrmhdV35LQKWY8iyWDWhKnPPzsW0Z_zCCao2pUH27fA
.doubleclick.net/	1970-01-20 22:30:36	Name: APC Value: AfxxVi4PdHdJpzpQnzqTxNgbzMhJXQaddO58lK_qcr9thwgXhi7Y_w
.doubleclick.net/	1970-01-20 22:30:36	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 02:57:00	Name: CMID Value: ZcALYOI15HBdlQtuvVCfrQAA
.casalemedia.com/	1970-01-20 20:21:00	Name: CMPS Value: 1526
.casalemedia.com/	1970-01-20 20:21:00	Name: CMPRO Value: 1526
.adnxs.com/	1970-01-20 20:21:00	Name: XANDR_PANID Value: pzxxG0WvHuKk77roVc7w1nmsWkPHQf1nhD_yIQdmjNk322680q5yONSHC730TTNf-NDthm5rVqYDyBt0hmpU6yDicahPgfh1GvQ-XvNkJRQ.
.adnxs.com/	1970-01-21 03:47:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:21:00	Name: uuid2 Value: 8591468225930607042
.adnxs.com/	1970-01-20 20:21:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>8H<VE<!@wnfH8K6pQK`!5=E<L5?%M95eIMr/m7_NdUyPBi.zff4upO+AU(2JP6:?J%nugO%v4VB%nn2L+%_N
.doubleclick.net/	1970-01-20 18:54:36	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 20:21:00	Name: ar_debug Value: 1
.rfihub.com/	1970-01-21 03:33:00	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12DcjzqApKrCjVLfFxDA5MdirMKTYxKg7iNTQ3MDewMDEzMTI3s3jFiMK3BACXesIYPQAAAA
.rfihub.com/	1970-01-21 03:33:00	Name: rud Value: H4sIAAAAAAAA_-MSNjI2MzIzMDAxMTcxtzQztrAwsRTiM9T1C6sMjEgszA0KSHICAAVQEGclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjI2MzIzMDAxMTcxtzQztrAwsRTiM9T1C6sMjEgszA0KSHICAAVQEGclAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12DcjzqApKrCjVLfFxDA5MdirMKTYxKgYAYJIlox4AAAA
.simpli.fi/	1970-01-21 02:58:27	Name: suid Value: D8CE9E339271458FA34B23EF8E70D51E
.adform.net/	1970-01-20 18:53:10	Name: C Value: 1
.dotomi.com/	1970-01-20 18:11:24	Name: DotomiTest Value: a7fb86c4e620415
.w55c.net/	1970-01-21 03:38:46	Name: wfivefivec Value: VAr2YSHy1RwKHg5
.teads.tv/	1970-01-21 02:55:34	Name: tt_viewer Value: ffcdab48-ecdf-4145-a8f8-d05786baeb5a
.adform.net/	1970-01-20 19:37:48	Name: uid Value: 4130899086457282207
.w55c.net/	1970-01-20 18:54:36	Name: matchgoogle Value: 5
.innovid.com/	1970-01-20 20:21:00	Name: uuid Value: "0e0b3594-2696-458d-9ecd-88c9118ad5e2-20240204 17:10:42"
.afkaralkhalij.net/	1970-01-21 02:57:00	Name: FCNEC Value: %5B%5B%22AKsRol_DvwQaoEh7_ZdtleMCOGW9zviphSuSzkyZxx_wFGLstOyT8WPHd6RZ1GcXEADZXq9fqQZ8yA_swwAdkqpgFqFw3Nk9FEOzL5v-E4zYpRNj_idf-reqjcrtleElMddISu_CFUXRGu4AL_MrdhM9KK44Wn8Kew%3D%3D%22%5D%5D

125 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 103) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://afkaralkhalij.net/news9260.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

07fb79e47f24ba85a035-23d2fe6d511d84031e1a396b605ffdfb.ssl.cf2.rackcdn.com
a.rfihub.com
ad.doubleclick.net
ads.avads.net
afkaralkhalij.net
bid.g.doubleclick.net
c1.adform.net
cdn.doubleverify.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
offers.seteventshowroom.com
pagead2.googlesyndication.com
pm.w55c.net
r2---sn-q4flrnl7.gvt1.com
r3---sn-q4flrnek.c.2mdn.net
redirector.gvt1.com
rtr.innovid.com
s-static.innovid.com
s0.2mdn.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.176.194
142.250.65.198
142.251.163.154
142.251.35.162
172.64.151.101
185.167.164.49
199.38.167.130
23.43.168.189
23.51.57.155
23.58.91.161
2600:141b:1c00:30::1739:5a70
2600:141b:1c00:f::172c:c9da
2600:1f18:445b:901:fb7b:a553:bc85:f072
2600:9000:24f1:7e00:1:2b86:b180:93a1
2606:4700:3033::ac43:b159
2606:4700:3037::6815:4393
2606:ae80:1471:1b::1690
2607:f8b0:4000:47::8
2607:f8b0:4000:4a::7
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:824::2006
2607:f8b0:4006:824::200e
2607:f8b0:4012:81e::2003
34.117.228.201
34.133.71.175
35.205.207.25
54.172.223.177
68.67.179.166
00162fa3e3933971d043cbcf21e8449ae979b15a26392980801940771c4772c2
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b896cd0a01ea09e1d49b1cca294ca72d90b1385fdf00b943b6f8d6250185bc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
144a5224e64f27b71cf915d2acc94dd4c380611eb752ce29ba195bc340fba351
15750b91c738ba7862b88ebaf125e157c32182b073637c35ee1525a9fae2b20d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1ba5ecb50636b6e7e1098ae3105b62b4508b42e7b65e8a105914d00faa1c3d78
1c06a3138ca6e0b41c9d3c466cc80393f522d212c641c217fb9cd6aceb884d95
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fa22ba0a74aea1fc70a975f9366d22491d504c3aa25c40e0bbd7cabaaa5ba2f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2278ea11a0b0ce6e5b4b911b50312038095b6aa8b9664ba7ede8ce4e20dcd098
29f04ae9cfbb7db4aee606f26fc74dec128051808af9e6e0980f07e91eccc787
2cf83ab5ae86e50549ba36b548d34b733e5513faba5c5ebaef27495aae63e7b9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30d9d9037508e57d94da5992c94ee840fe70f155cd0a834d84dc0b3a7a5503de
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3dfa2f4f3e39c857f213c36b5e5242ad4e7fc9563a7ec3f6310a5524e3c4e52c
3fa345e51704382116d799728ed3bfbb970730dbedbb491c20f021d542fda2f6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
448998c350e5f8354df0cae3c548f04be742ad79ee6e94f2c9cb99f8e081a8cd
49c7728701329a1afd92478438430418ea270f685a582b3e08a77d1a1caab38b
4ae2dd71885ab8e878b53e49e4688e6523c66e02c67978d495d999bef68a0cd7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbd30439575c4c1ec03fe85c7a3ccb592b6d67e52a6ba7d57d35846577f3822
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
588d9fc04b31b5dc8356f39a0c20d639267b2b4135cc87aaf95badb6b047fb83
5dbd1a6c79b35ed09fcab834b712017d7386e0bea3350a9e3d6405ecaee74d7c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6417eb7ce92c273b3fcce2384d502e1f90bc73b27e3335132c9ea156431ccdd8
6582865f4daf9c82c43c702ea54d8713ae31f24f2915060423c8bb2423cc472c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68629e6f62efd45f17d04f89fff88245daa2abe7c016e454d690284d7ea5430d
693ec4c7c1cf33174e0251bcc11c4ec275a47ec056df547e4e81541b290d71fa
73dd5e07aef0497f58286ff3139a23e5f3d7b9dfcdb5416647def5152b69ce3f
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
84af93c376277b2fb1c7962b45ce84e1e0a31202815ceb873bd980df4378f62b
874dbba26924377cea9ca22d38f864df42ffa574e4bd958938082bccc589fddf
8c61bd05cc1f2cbb1c102fd7faf383bbb9ef4cc8c412fc7e5f339cf971e87b70
8d628e8349cc6f77938407709c2d955f3b35baa93922c4a3f74420a54f7aecfa
91217c57eae4b3ae285c521e113136e32fae8cc787076d9d08f164d821843167
94367e0b9ebcb40d409eb96c4b7a0fd4f7f90fc25eafc684af577a8c4a0c1791
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a0324ab26d45716447cdae9b1b92d6624aa401d795b2e67184288c8472bcef7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aae1f5dc0bd61a40b7b18df8478dca7d4cad4fc0558796bc3251844c5fc911d
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bdd9a6fed6a50ac7a5d666d07530ad601078ec01fcb6814317a9a4813a1ec6c
9dd3d4423e89121133927bf3945f6a8e37fb747d63916ed39347b928d8c1f0bb
9f75ebf9ad56a15b5d1a2069606626e64a7bb1e23daf7b3ad91d569c2bea1bd2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a205fb56d3b8e7969c2acc247e84d90029517720c5ad54928a4d64934b2dfebd
a3130b1388a8dd9d2ea2aa4e00c72f5f63ad34f37f26bc889360b648b77192bc
a6c28e6eea3607b760821f892b2d4931f50a69e887fa73a5564544a7c8e6b688
aad326552bd49129d4b31eb7766698a92950f23c6fbc80b401c893bf157c649a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b97b84a538c02699984032a173441aff0f7e46f967a42e327f1603414cf59b
b4bd75c2ba6a30e81bdea661fdaf82a77d616ef1924cf314981854dcb577d906
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0cc79ff0f7e7368f5ac9330bb80c08ca5f7fdbe0edf81901c9f7975b96f60b4
c46984040948cd91a49d685f4d79d48398a3b44b92d4fcd1adb7a20547b62ca1
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8fea1e47b2b2b3c332efbd702e3622d9335aa55bdf49e80cc9b94bfbe8f1882
cae5309ec9b3c7fd42a94fbb41f7c07ac4429f6261d21a5e430da2d98ff9144d
ce0f2bbf23ce5e12917e2e51a01a3a06ed3104db31a7a7f1922f12aa5b1f0275
ce8370993ead11fdd699484f234fc93f2629665cf5ea5dd3ef67528b609013e1
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d7071917e90ca0b6757fe729f1369e08eb075f8a13ec731d0400cde33d4bfebc
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
db2a887d72c63529cbb7538ded278f1a07ccb9c5819fb3e29cc260414ff38e94
dbfaa5cf90c9e9330ce0a84e9b797297f6f126e0fd0a949bd9d12a7b591cec8f
de8a6478357382485949c01b4a1259aad602fe642751c4dc7bd15189640dd7c3
e32d8009559a296d9123d03dfd6c46c106f9d3da1ca3abb468fff80a332dcf24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5029bb9b6df0866823b3bf88daa825546e05656bcec6952c94e0bbd56f493d0
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e609da1f2e9d546ab7737e6968c48ac4c2705fbab9d979993a796de568e6ebfe
eb16a4f2068af11558e6f4623e72e4cd345ad83cf533fa93329e6191a94a95db
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f37a3a406a119fefd3a66c90ebd6c89c95914a971b73b74c92c1258e444660e0
f58309f6361e67c1bfc3f0cd9fe217c931c95911b21129dbafb364e2a8902c19
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6021e35bbb925986458d8101e7226272ad1b8f0b6cdbd40d1890cd72806475b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83c550cae34b97b3014e919ec59ee6455a83c2b5ab67f5dec7ec66e08b3d80a
fe694e450f2d0ee8030a41b20b9438ba141f71e1c62369856d41876607cd065a
feb386d8e6a6df28b4a598495b2add0847db424d462cc1f6dfe1f998c3b864c9

afkaralkhalij.net Open in urlscan Pro 2606:4700:3037::6815:4393 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

91 %HTTPS

62 %IPv6

26 Domains

40 Subdomains

32 IPs

3 Countries

3446 kBTransfer

40136 kBSize

32 Cookies

5 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

afkaralkhalij.net Open in urlscan Pro
2606:4700:3037::6815:4393 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

91 %
HTTPS

62 %
IPv6

26
Domains

40
Subdomains

32
IPs

3
Countries

3446 kB
Transfer

40136 kB
Size

32
Cookies

181 HTTP transactions
5 data transactions