petalpaloozaparty.freshnews95.com Open in urlscan Pro
216.128.146.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://petalpaloozaparty.freshnews95.com/
Submission: On February 17 via api (February 17th 2024, 3:47:27 am UTC) from US — Scanned from US

Summary HTTP 156 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 13 domains to perform 156 HTTP transactions. The main IP is 216.128.146.70, located in Elk Grove Village, United States and belongs to AS-CHOOPA, US. The main domain is petalpaloozaparty.freshnews95.com.
TLS certificate: Issued by R3 on February 15th 2024. Valid for: 3 months.

This is the only time petalpaloozaparty.freshnews95.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	216.128.146.70 216.128.146.70	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
26	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1 11	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4005:815::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
2 2	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:8::9	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
3 5	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
3	54.230.163.129 54.230.163.129	16509 (AMAZON-02) (AMAZON-02)
2	142.250.65.230 142.250.65.230	15169 (GOOGLE) (GOOGLE)
2	54.229.120.192 54.229.120.192	16509 (AMAZON-02) (AMAZON-02)
2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
1	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2004	() ()
156	24

27 216.128.146.70 (Elk Grove Village, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 216.128.146.70.vultrusercontent.com

petalpaloozaparty.freshnews95.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freshnews95.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81e::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4005:815::2003 (Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.155 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200e (United States) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:8::9 (United States)

ASN15169 (GOOGLE, US)

r4---sn-ab5l6nr6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.32.98 (Queens, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.75 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.163.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-129.ewr53.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.120.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-120-192.eu-west-1.compute.amazonaws.com

neural40.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	590 KB
27	freshnews95.com petalpaloozaparty.freshnews95.com freshnews95.com	2 MB
21	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 ad.doubleclick.net — Cisco Umbrella Rank: 149 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551	153 KB
16	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r4---sn-ab5l6nr6.c.2mdn.net — Cisco Umbrella Rank: 81763 s0.2mdn.net — Cisco Umbrella Rank: 328	6 MB
15	gstatic.com fonts.gstatic.com csi.gstatic.com	55 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659 www.google.com	71 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	273 KB
5	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 27320 neural40.cdnwebcloud.com — Cisco Umbrella Rank: 33080	10 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 577	689 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	151 KB
156	13

	Domain	Requested by
26	pagead2.googlesyndication.com	petalpaloozaparty.freshnews95.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
25	freshnews95.com	petalpaloozaparty.freshnews95.com freshnews95.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com petalpaloozaparty.freshnews95.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net petalpaloozaparty.freshnews95.com
10	s0.2mdn.net	petalpaloozaparty.freshnews95.com s0.2mdn.net
10	csi.gstatic.com	imasdk.googleapis.com
6	imasdk.googleapis.com	googleads.g.doubleclick.net petalpaloozaparty.freshnews95.com
5	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net petalpaloozaparty.freshnews95.com
5	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	r4---sn-ab5l6nr6.c.2mdn.net	petalpaloozaparty.freshnews95.com googleads.g.doubleclick.net
3	bucket.cdnwebcloud.com	s0.2mdn.net petalpaloozaparty.freshnews95.com bucket.cdnwebcloud.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	petalpaloozaparty.freshnews95.com googleads.g.doubleclick.net
2	us-u.openx.net	2 redirects
2	ade.googlesyndication.com	petalpaloozaparty.freshnews95.com
2	neural40.cdnwebcloud.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	petalpaloozaparty.freshnews95.com
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.googletagmanager.com	petalpaloozaparty.freshnews95.com www.googletagmanager.com
2	petalpaloozaparty.freshnews95.com	freshnews95.com
1	www.google.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net	petalpaloozaparty.freshnews95.com
156	26

This site contains links to these domains. Also see Links.

Domain
freshnews95.com

Subject Issuer	Validity	Valid
petalpaloozaparty.freshnews95.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
www.freshnews95.com R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-21`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://petalpaloozaparty.freshnews95.com/
Frame ID: 500140DBE5A888E88EF1EE9371A419D4
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 3E8D366408804E9A0141383F39BEF11B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&adk=1812271804&adf=3025194257&lmt=1708141641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640766&bpp=6&bdt=564&idt=268&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6275307567005&frm=20&pv=2&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: 5EF8B8E96ACAE0A32AC4C8916AF74154
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355
Frame ID: 5BBE965BC9824BFD8A96B2E06F742C36
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C9154B745180469AC21FF5BE52E67228
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E9A9FE472AE431FE064F31A8339ABA11
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Frame ID: C913794F8E4AC0805D2E7DE46F24E1D9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY1bvscTAB&v=APEucNU5D1erjnUGusmKnZze303vttG0MDAohQ45_-AdwVtCTqwsPHdKzrO648Eb8ebjX0gsfUUKX_UxI4MgwrEuibpFL2_jeA
Frame ID: FBCBFB70C14DBCEF468FF49577137E19
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 6BC56EC056F2F2138F831C075F9B7924
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3C86C5BF4AC0BDFB06C1FC90FA3AFA21
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 328540AC38C1F857CD55F59B0866B58A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
Frame ID: C279BE313F11A4A24DCF9F1F8D11666A
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8BBF3A8438CB6DE0560DA3FC0ACD18CA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 7C4FBE57E3845E420C03FC3D234CE901
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EEF96544B8FBC6653AC59A673565D3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E921FACAF2BF6178E7A70A8C0FC18BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Animals Lovers

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

94 %
HTTPS

56 %
IPv6

13
Domains

26
Subdomains

24
IPs

3
Countries

9669 kB
Transfer

12923 kB
Size

20
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://freshnews95.com/
Title: Animals Lovers

Search URL Search Domain Scan URL

URL: https://freshnews95.com/category/uncategorized/
Title: Uncategorized

Search URL Search Domain Scan URL

URL: https://freshnews95.com/l%f0%9d%9a%98%f0%9d%9a%a2%f0%9d%9a%8al-%f0%9d%9a%99it-b%f0%9d%9a%9ell-a%f0%9d%9a%8b%f0%9d%9a%8an%f0%9d%9a%8d%f0%9d%9a%98n%f0%9d%9a%8e%f0%9d%9a%8d-with-b%f0%9d%9a%8a%f0%9d%9a%90-%f0%9d%9a%98/
Title: L𝚘𝚢𝚊l 𝚙it B𝚞ll A𝚋𝚊n𝚍𝚘n𝚎𝚍 With B𝚊𝚐 𝚘𝚏 F𝚘𝚘𝚍 W𝚊its D𝚊𝚢s F𝚘𝚛 F𝚊mil𝚢 T𝚘 C𝚘m𝚎 B𝚊ck

Search URL Search Domain Scan URL

URL: https://freshnews95.com/author/animals/
Title: Animals

Search URL Search Domain Scan URL

URL: https://freshnews95.com/r%f0%9d%9a%8esc%f0%9d%9a%9e%f0%9d%9a%8e%f0%9d%9a%9b-disc%f0%9d%9a%98%ce%bd%f0%9d%9a%8e%f0%9d%9a%9bs-d%f0%9d%9a%98%f0%9d%9a%90s-s%f0%9d%9a%8ec%f0%9d%9a%9b%f0%9d%9a%8et-a%f0%9d%9a%8ft/
Title: R𝚎sc𝚞𝚎𝚛 Disc𝚘ν𝚎𝚛s D𝚘𝚐’s S𝚎c𝚛𝚎t A𝚏t𝚎𝚛 Ext𝚎n𝚍in𝚐 H𝚎l𝚙in𝚐 H𝚊n𝚍

Search URL Search Domain Scan URL

URL: https://freshnews95.com/c%f0%9d%9a%98w%f0%9d%9a%8e%f0%9d%9a%9bin%f0%9d%9a%90-a%f0%9d%9a%90%f0%9d%9a%8ainst-th%f0%9d%9a%8e-w%f0%9d%9a%8all-with-n%f0%9d%9a%98wh%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%8e-els%f0%9d%9a%8e-t%f0%9d%9a%98/
Title: C𝚘w𝚎𝚛in𝚐 A𝚐𝚊inst Th𝚎 W𝚊ll With N𝚘wh𝚎𝚛𝚎 Els𝚎 t𝚘 G𝚘, Hissin𝚐 An𝚍 S𝚙ittin𝚐, H𝚎 D𝚘𝚎s His B𝚎st T𝚘 F𝚎n𝚍 O𝚏𝚏 Th𝚎 Onl𝚢 H𝚊n𝚍 O𝚏𝚏𝚎𝚛in𝚐 H𝚎l𝚙!

Search URL Search Domain Scan URL

URL: https://freshnews95.com/disc%f0%9d%9a%98v%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%8e%f0%9d%9a%8d-with-lim%f0%9d%9a%8bs-%f0%9d%9a%8an%f0%9d%9a%8d-t%f0%9d%9a%8ail-d%f0%9d%9a%8an%f0%9d%9a%90lin%f0%9d%9a%90-li%f0%9d%9a%8f%f0%9d%9a%8el/
Title: Disc𝚘v𝚎𝚛𝚎𝚍 with Lim𝚋s 𝚊n𝚍 T𝚊il D𝚊n𝚐lin𝚐 Li𝚏𝚎l𝚎ssl𝚢, th𝚎 O𝚍𝚍s 𝚘𝚏 H𝚎𝚛 W𝚊lkin𝚐 A𝚐𝚊in S𝚎𝚎m𝚎𝚍 t𝚘 Diminish 𝚏𝚛𝚘m Slim t𝚘 N𝚘n𝚎!

Search URL Search Domain Scan URL

URL: https://freshnews95.com/a-s%f0%9d%9a%99%f0%9d%9a%8eci%f0%9d%9a%8al-b%f0%9d%9a%98n%f0%9d%9a%8d-f%f0%9d%9a%98%f0%9d%9a%9bms-%f0%9d%9a%8as-%f0%9d%9a%8an-un%f0%9d%9a%9es%f0%9d%9a%9e%f0%9d%9a%8al-g%f0%9d%9a%9e%f0%9d%9a%8est-b/
Title: A S𝚙𝚎ci𝚊l B𝚘n𝚍 F𝚘𝚛ms 𝚊s 𝚊n Un𝚞s𝚞𝚊l G𝚞𝚎st B𝚎𝚏𝚛i𝚎n𝚍s H𝚎𝚛 C𝚊t, B𝚛in𝚐in𝚐 𝚊 M𝚞ch-N𝚎𝚎𝚍𝚎𝚍 S𝚎𝚛𝚘t𝚘nin B𝚘𝚘st t𝚘 Us All!

Search URL Search Domain Scan URL

URL: https://freshnews95.com/in-dis%f0%9d%9a%8b%f0%9d%9a%8eli%f0%9d%9a%8e%f0%9d%9a%8f-%f0%9d%9a%8at-th%f0%9d%9a%8ei%f0%9d%9a%9b-c%f0%9d%9a%98n%f0%9d%9a%8diti%f0%9d%9a%98n-th%f0%9d%9a%8e%f0%9d%9a%a2-em%f0%9d%9a%8b%f0%9d%9a%8a/
Title: In Dis𝚋𝚎li𝚎𝚏 𝚊t Th𝚎i𝚛 C𝚘n𝚍iti𝚘n, Th𝚎𝚢 Em𝚋𝚊𝚛k𝚎𝚍 𝚘n 𝚊 H𝚘𝚞𝚛s-L𝚘n𝚐 D𝚛iv𝚎 t𝚘 O𝚏𝚏𝚎𝚛 Th𝚎m 𝚊 Sh𝚘t 𝚊t Li𝚏𝚎!

Search URL Search Domain Scan URL

URL: https://freshnews95.com/h%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%98ic-st%f0%9d%9a%9b%f0%9d%9a%8a%f0%9d%9a%a2-d%f0%9d%9a%98%f0%9d%9a%90-shi%f0%9d%9a%8el%f0%9d%9a%8ds-5-a%f0%9d%9a%8b%f0%9d%9a%8an%f0%9d%9a%8d%f0%9d%9a%98n%f0%9d%9a%8e/
Title: H𝚎𝚛𝚘ic St𝚛𝚊𝚢 D𝚘𝚐 Shi𝚎l𝚍s 5 A𝚋𝚊n𝚍𝚘n𝚎𝚍 Kitt𝚎ns 𝚏𝚛𝚘m F𝚛𝚎𝚎zin𝚐 𝚋𝚢 N𝚎stlin𝚐 A𝚛𝚘𝚞n𝚍 Th𝚎m

Search URL Search Domain Scan URL

URL: https://freshnews95.com/en%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%90%f0%9d%9a%8etic-d%f0%9d%9a%98%f0%9d%9a%90-d%f0%9d%9a%8eli%f0%9d%9a%8b%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%8at%f0%9d%9a%8el%f0%9d%9a%a2-dis%f0%9d%9a%9b%f0%9d%9a%9e/
Title: En𝚎𝚛𝚐𝚎tic D𝚘𝚐 D𝚎li𝚋𝚎𝚛𝚊t𝚎l𝚢 Dis𝚛𝚞𝚙ts His H𝚞m𝚊n B𝚛𝚘th𝚎𝚛’s Z𝚘𝚘m Cl𝚊ss

Search URL Search Domain Scan URL

URL: https://freshnews95.com/c%f0%9d%9a%98m%f0%9d%9a%99%f0%9d%9a%8assi%f0%9d%9a%98n%f0%9d%9a%8at%f0%9d%9a%8e-in%f0%9d%9a%8divi%f0%9d%9a%8d%f0%9d%9a%9e%f0%9d%9a%8als-a%f0%9d%9a%8d%f0%9d%9a%98%f0%9d%9a%99t-kitt%f0%9d%9a%8en-ov/
Title: C𝚘m𝚙𝚊ssi𝚘n𝚊t𝚎 In𝚍ivi𝚍𝚞𝚊ls A𝚍𝚘𝚙t Kitt𝚎n Ov𝚎𝚛l𝚘𝚘k𝚎𝚍 𝚋𝚢 Oth𝚎𝚛s, G𝚛𝚊ntin𝚐 H𝚎𝚛 th𝚎 O𝚙𝚙𝚘𝚛t𝚞nit𝚢 t𝚘 Ex𝚙𝚎𝚛i𝚎nc𝚎 Li𝚏𝚎 𝚊n𝚍 Ex𝚙l𝚘𝚛𝚎 th𝚎 W𝚘𝚛l𝚍 in H𝚎𝚛 A𝚍𝚘𝚛𝚊𝚋l𝚎 M𝚊nn𝚎𝚛

Search URL Search Domain Scan URL

URL: https://freshnews95.com/this-c%f0%9d%9a%8at-h%f0%9d%9a%8as-th%f0%9d%9a%8e-p%f0%9d%9a%8e%f0%9d%9a%9b%f0%9d%9a%8f%f0%9d%9a%8ect-r%f0%9d%9a%98%f0%9d%9a%9en%f0%9d%9a%8d-e%f0%9d%9a%a2%f0%9d%9a%8es-an%f0%9d%9a%8d-ev%f0%9d%9a%8e/
Title: This C𝚊t H𝚊s Th𝚎 P𝚎𝚛𝚏𝚎ct R𝚘𝚞n𝚍 E𝚢𝚎s An𝚍 Ev𝚎𝚛𝚢𝚘n𝚎 Is Smitt𝚎n

Search URL Search Domain Scan URL

URL: https://freshnews95.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://freshnews95.com/page/16/
Title: 16

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://gcdn.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0F3CD5BFAC0C9F31C0B3B0169CD51ACE55C2B74B.34FD5CDA0E1F7038BC37406456E915DC1BCE4B6A/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52CC55E8714B4C5F05ADF33D79CB04B320C189A2.1FF80FA2D16A3CFED50115D27890B06FCC2E414E/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdAsStHM6kgAAAONAAOrlQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxN7gsF8gM2y_9AEs8Qb-k&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMxN7gsF8gM2y_9AEs8Qb-k%26google_cver%3D1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgxMDMxNzQ1MDQ3MDU5ODA4

Request Chain 95

https://gcdn.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4BCE4B2EB4C597271582047FF28B0FB8EFCAB915.177F3CE3028A781B71FA5FCC411613A34F4D0841/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/506E5B625F02093859F1857841268CD960BD1E2C.9CB0EB44165750D3DA600D2135AB8D1E27999C/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 118

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqQ1AIQ9MLxjgMYpvT63wEgATAB&v=APEucNU0JCJgJPPhU6_Tg4ie6h4hrbVN9P5Lk4fbSjDBKOuFibDU8bwWDeHh8Jn6JCZFvDa3PGhsTK9SXG9LIoMChk-1Zy4U0BlGms8T-slBZ8X8zzbrllk HTTP 302
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZlZDc0NWMtMTdhMy0yMDEyLWNiNGUtNzgxNWM0MzhjNmI4

156 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
petalpaloozaparty.freshnews95.com/ 90 KB
91 KB 458ms
206ms Document
text/html 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 050607ff2603db539a410aa7a49e5b7a8f392ff6cc75a2a9114902b9c800605e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 03:47:20 GMT
link: <https://freshnews95.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding

GET
H2 200 style.min.css
freshnews95.com/wp-includes/css/dist/block-library/ 108 KB
108 KB 186ms
107ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
server: nginx
etag: "65b15ec4-1ae43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 110147
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
BLOB 200
OK 4c57a166-7753-4383-910c-27ad3db956dd
https://petalpaloozaparty.freshnews95.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://petalpaloozaparty.freshnews95.com/4c57a166-7753-4383-910c-27ad3db956dd
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
979 B 102ms
41ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20185357ab88094444afb8b9bcd2f4bd8eeaeb58cbe0f27c6a823994c02f4085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 03:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 03:02:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 03:47:20 GMT

GET
H2 200 all.min.css
freshnews95.com/wp-content/themes/blogita/assets/css/ 98 KB
99 KB 131ms
53ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/css/all.min.css?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-189b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100787
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 bootstrap.min.css
freshnews95.com/wp-content/themes/blogita/assets/css/ 189 KB
189 KB 183ms
105ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/css/bootstrap.min.css?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 20deaff9c96077fcdd7958eedd90d1d441d51498e382cd545dedb6eaa95b6f69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-2f3ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 193535
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 swiper-bundle.min.css
freshnews95.com/wp-content/themes/blogita/assets/css/ 16 KB
16 KB 183ms
106ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/css/swiper-bundle.min.css?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: cd064b12bf474f592e665401e05432a6407e5980a3a24175476da425933ffb64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-4003"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16387
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 meanmenu.min.css
freshnews95.com/wp-content/themes/blogita/assets/css/ 3 KB
3 KB 183ms
106ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/css/meanmenu.min.css?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: bb0ac9b634f5bc703946a5622284e26da37237e4122b5db2976d18d5774c907a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-a3d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2621
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 master.css
freshnews95.com/wp-content/themes/blogita/assets/css/ 42 KB
42 KB 184ms
107ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/css/master.css?ver=1.0.3
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 5e81483ecba6272a12d4953e06e81118baeb778e4917ec498142d9a182ede289

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-a8ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43263
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 style.css
freshnews95.com/wp-content/themes/blogita/ 1 KB
2 KB 182ms
105ms Stylesheet
text/css 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/style.css?ver=1.0.3
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: f1085f59c6b76fcab860403b7900d56c3225b5b51c04ca21a400e9b2fe608f18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-596"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1430
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 jquery.min.js Show response
freshnews95.com/wp-includes/js/jquery/ 86 KB
86 KB 184ms
108ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
etag: "64ecd5ef-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 87553
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
freshnews95.com/wp-includes/js/jquery/ 13 KB
13 KB 184ms
108ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
etag: "6482bd64-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13577
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 171ms
79ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e705579075b1a6776d2d97e61df34e75dd991058231d2405ec77088213719d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Origin: https://petalpaloozaparty.freshnews95.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51253
x-xss-protection: 0
server: cafe
etag: 8442870905742266782
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 17 Feb 2024 03:47:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 124ms
51ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-293457716-1

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35f72b332b9fba5918a2665dfaad3a8d869314a40a7194304ab51a3261a2e396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71043
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Feb 2024 03:47:20 GMT

GET
H2 200 MV83XzMuanBn-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 143 KB
143 KB 179ms
108ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/MV83XzMuanBn-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 996c9ba6058ee6c923859bc020e88987e79ccfd3024e4e4f0897dbc8705e9a6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:59:43 GMT
server: nginx
etag: "65d0130f-23c58"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 146520
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 VW50aXRsZWRfMV82Mi5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 199 KB
200 KB 90ms
87ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/VW50aXRsZWRfMV82Mi5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: f919be7d51df5a09c1518c47a5eca96403d4317ba44ff78fd301ecaa66d29701

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:59:24 GMT
server: nginx
etag: "65d012fc-31d28"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 204072
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 bWFuZ29fbWFpbi5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 189 KB
189 KB 90ms
87ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/bWFuZ29fbWFpbi5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: aed7a62ec82bcae3e3c4ba404127d3845027b11a7c64a29fa78447c9a48f1e53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:59:04 GMT
server: nginx
etag: "65d012e8-2f3e5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 193509
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 navigation.js Show response
freshnews95.com/wp-content/themes/blogita/js/ 3 KB
3 KB 34ms
30ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/js/navigation.js?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-ba4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2980
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
freshnews95.com/wp-content/themes/blogita/assets/js/ 78 KB
78 KB 35ms
32ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/js/bootstrap.bundle.min.js?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 02f554d4905a6125975237d1735f2d0f4b6382ab6b5a6b4806767ede85b4fee4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-13784"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79748
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 swiper-bundle.min.js Show response
freshnews95.com/wp-content/themes/blogita/assets/js/ 139 KB
139 KB 43ms
40ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/js/swiper-bundle.min.js?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: d1eff77ea5f031ba4a37d5328646643dad867691c993b0b3345c62899392fa2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-22c4c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 142412
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 jquery.meanmenu.min.js Show response
freshnews95.com/wp-content/themes/blogita/assets/js/ 4 KB
4 KB 52ms
49ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/js/jquery.meanmenu.min.js?ver=1.0
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: eaf2ccc92a9f802623e6eb69af21a03fc6ba48b509201e2ded5165b58f22957e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-fb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4019
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 main.js Show response
freshnews95.com/wp-content/themes/blogita/assets/js/ 3 KB
3 KB 58ms
55ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-content/themes/blogita/assets/js/main.js?ver=1.0.3
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 2234f3df716f86e56e227f80011d40c0ed650b200e58d96e9c9f1ef7f7f648d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Wed, 07 Feb 2024 10:37:26 GMT
server: nginx
etag: "65c35d66-a8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2698
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 128ms
52ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://petalpaloozaparty.freshnews95.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 13:43:21 GMT
x-content-type-options: nosniff
age: 137039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 13:43:21 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 127ms
52ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://petalpaloozaparty.freshnews95.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:26:20 GMT
x-content-type-options: nosniff
age: 130860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:26:20 GMT

GET fa-solid-900.woff2
freshnews95.com/wp-content/themes/blogita/assets/webfonts/ 0
0

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 125ms
51ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins%3Awght%40300%3B400%3B500%3B600%3B700&display=swap&ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://petalpaloozaparty.freshnews95.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:12:38 GMT
x-content-type-options: nosniff
age: 131682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:12:38 GMT

GET
H2 200 dGFsbHlyYW5kX21haW5fMS5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 152 KB
153 KB 40ms
16ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/dGFsbHlyYW5kX21haW5fMS5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 496768a8b02935618d786e3cf504d3ea2576e619778a7df1666558f87662106c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:58:44 GMT
server: nginx
etag: "65d012d4-260ec"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 155884
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 Zm94X21haW5fbWFpbi5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 167 KB
168 KB 51ms
27ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/Zm94X21haW5fbWFpbi5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: bea13f17d2f9fc3fcc6a3e6ef9d822839b7a97e22d42eaec0ccc63ca7fbbd00d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:58:22 GMT
server: nginx
etag: "65d012be-29ded"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 171501
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 Ym94X2tpdHRlbnNfbWFpbi5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 184 KB
185 KB 56ms
33ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/Ym94X2tpdHRlbnNfbWFpbi5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 2af8bdbd0674a1e2bd9c942377ff4ad076b65b54077c7fd2502c5ac5466195ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 01:57:58 GMT
server: nginx
etag: "65d012a6-2e08e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 188558
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 MjE1MDEyMzhfMF9pbWFnZV9hXzNfMTU3NDc5OTM0MzcxMC5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 192 KB
192 KB 59ms
36ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/MjE1MDEyMzhfMF9pbWFnZV9hXzNfMTU3NDc5OTM0MzcxMC5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 653330e6bd446a36211dd80dcd6a43e89df9ffc780de1046a0485fe8c7125890

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Fri, 16 Feb 2024 23:49:59 GMT
server: nginx
etag: "65cff4a7-3001a"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 196634
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 ZmxhdHRlbi5qcGc-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 169 KB
170 KB 61ms
38ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/ZmxhdHRlbi5qcGc-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 09d0a61ccd24c3a5058e77fd468afcf734551bac448c6d1b630622752c2c1cc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Fri, 16 Feb 2024 23:49:35 GMT
server: nginx
etag: "65cff48f-2a58a"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 173450
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 tula-main-400x300.jpg
freshnews95.com/wp-content/uploads/2024/02/ 30 KB
30 KB 63ms
40ms Image
image/jpeg 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/tula-main-400x300.jpg
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 218dc188fda20f7029cc78147e42c6f704107f4304120da7ccd65b7976f8f634

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Sat, 17 Feb 2024 00:18:16 GMT
server: nginx
etag: "65cffb48-7926"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31014
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 Y29sbGFnZV8xLmpwZw-400x300.png
freshnews95.com/wp-content/uploads/2024/02/ 154 KB
155 KB 64ms
42ms Image
image/png 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freshnews95.com/wp-content/uploads/2024/02/Y29sbGFnZV8xLmpwZw-400x300.png
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: e34ce8bfe8c094317424083d89087c0f2a3aff70a92207c637c3034218bbfc1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Fri, 16 Feb 2024 23:48:51 GMT
server: nginx
etag: "65cff463-268a9"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 157865
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET
H2 200 wp-emoji-release.min.js Show response
freshnews95.com/wp-includes/js/ 18 KB
18 KB 32ms
29ms Script
application/javascript 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://freshnews95.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 216.128.146.70.vultrusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
etag: "63db0985-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18692
expires: Mon, 18 Mar 2024 03:47:20 GMT

GET fa-solid-900.ttf
freshnews95.com/wp-content/themes/blogita/assets/webfonts/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 50ms
48ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4WLKSXSYQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-293457716-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab2b36d61831bd8857f20d945e722f07008657255d0de87551618a79e54b9c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Feb 2024 03:47:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
29ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-293457716-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Feb 2024 02:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6037
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 17 Feb 2024 04:06:43 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 406 KB
138 KB 127ms
72ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3047048f4ac82b9cda4d283a1716988c9688b56d583bdb70771da218bc999ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141050
x-xss-protection: 0
server: cafe
etag: 14059654386383519743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:47:20 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 3E8D 9 KB
5 KB 96ms
24ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2666445661948602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:13:37 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 19:13:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
183 B 46ms
41ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-M4WLKSXSYQ&gtm=45je42e0v9176459792za200&_p=1708141640511&gcd=13l3l3l3l1&npa=0&dma=0&cid=1345998507.1708141641&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708141640&sct=1&seg=0&dl=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&dt=Animals%20Lovers&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1169
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4WLKSXSYQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 47ms
36ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1551076646&t=pageview&_s=1&dl=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&ul=en-us&de=UTF-8&dt=Animals%20Lovers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1666156608&gjid=572961594&cid=1345998507.1708141641&tid=UA-293457716-1&_gid=325290662.1708141641&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1763608656

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EF8 259 KB
75 KB 562ms
533ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&adk=1812271804&adf=3025194257&lmt=1708141641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x540_l%7C404x540_r&format=0x0&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16~19&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640766&bpp=6&bdt=564&idt=268&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6275307567005&frm=20&pv=2&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60f7edde0e0174b1e3d5c4c1332b1b9f25c173c3bbe1fee8a07dc8e5b5d7b29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 76129
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 03:47:21 GMT
expires: Sat, 17 Feb 2024 03:47:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BBE 92 KB
28 KB 422ms
410ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f862b2c9bae54d7692ecac498399b6c0a24a17a64a18c62de10def90b6f0d638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28671
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 03:47:21 GMT
expires: Sat, 17 Feb 2024 03:47:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 5BBE 23 KB
9 KB 107ms
28ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5BBE 9 KB
869 B 51ms
39ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 03:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 03:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 03:47:21 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 5BBE 15 KB
3 KB 108ms
24ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:19:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 5BBE 379 KB
132 KB 109ms
26ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 05:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 05:14:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 5BBE 20 KB
8 KB 99ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/ 165 KB
56 KB 101ms
100ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/reactive_library_fy2021.js?bust=31081135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5b4eb2cbb493462f13b742a20822298a9389fe54e3be5c0804214dcdbb7db02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: cafe
etag: 9540256672220439220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:47:21 GMT

GET
H2 200 ca-pub-2666445661948602 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 214ms
70ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2666445661948602?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f051a44882876c8ef860be2886a1411e42d9d4ac6e403e7512341ce9bd458ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ecis6wjzIVjXsIPNBgy1Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ecis6wjzIVjXsIPNBgy1Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo6TNw6sYxO40L93GzMA_P1HqA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5BBE 0
234 B 721ms
222ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lspjfi3j&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BBE 15 KB
16 KB 48ms
22ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:25:26 GMT
x-content-type-options: nosniff
age: 102115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 23:25:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BBE 15 KB
15 KB 47ms
23ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:37:10 GMT
x-content-type-options: nosniff
age: 130211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:37:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBE 0
20 B 112ms
94ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CA1wdSSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoEzAJP0D0RiSvScAXh11iQcMNpFtD24-LF5fkzc84bpJNxb1xF5Al9rpburBD6sycd1Nrr-aR3VJ9B04Vqyx2iMiPcBykRuklMjF_iD7ZQkV9WXVBdQ8D4wVI9WFeaxWY-MPEcf6E2R6vgqQY1TopwJO7NiU2kSTYmnVuPduSNJ1eDl8KVSUAcrX-us8ne41eP41ohRfBPQvFyxYIkSrwfdQCqw0VID0Bfh1CSkiXvBkmFkT2cIAgnSmyqXoyiabbqMVZeI8lLJ7OWHo2AAxfU4vKcDbevgczk05zX6WGQlxomlL3nqH9Z2PcgwQ8HdbqBwsKzyvVZN3kIdEzlin6vZNE15tGoK18VEiTg86S16jabnDrXXhDPcPpQQiLS64GancNCcnvq-DYJwmBfLeBHEnpPbe5JuO-NWaFRz-iI_n_mgo2HU7NXafSZwtItusAE4bCC4OYD4AQDiAWzlqboO5AGAaAGdoAHtd_HjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM3H_r27sYQDgAoByAsB4AsBgAwBqg0CVVOwE8HaxhbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwQ&eventType=clickstring&clientTime=1708141641865&ai=CA1wdSSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoEzAJP0D0RiSvScAXh11iQcMNpFtD24-LF5fkzc84bpJNxb1xF5Al9rpburBD6sycd1Nrr-aR3VJ9B04Vqyx2iMiPcBykRuklMjF_iD7ZQkV9WXVBdQ8D4wVI9WFeaxWY-MPEcf6E2R6vgqQY1TopwJO7NiU2kSTYmnVuPduSNJ1eDl8KVSUAcrX-us8ne41eP41ohRfBPQvFyxYIkSrwfdQCqw0VID0Bfh1CSkiXvBkmFkT2cIAgnSmyqXoyiabbqMVZeI8lLJ7OWHo2AAxfU4vKcDbevgczk05zX6WGQlxomlL3nqH9Z2PcgwQ8HdbqBwsKzyvVZN3kIdEzlin6vZNE15tGoK18VEiTg86S16jabnDrXXhDPcPpQQiLS64GancNCcnvq-DYJwmBfLeBHEnpPbe5JuO-NWaFRz-iI_n_mgo2HU7NXafSZwtItusAE4bCC4OYD4AQDiAWzlqboO5AGAaAGdoAHtd_HjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM3H_r27sYQDgAoByAsB4AsBgAwBqg0CVVOwE8HaxhbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5BBE 0
54 B 667ms
223ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lspjfi4r&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.lj&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5BBE 30 KB
18 KB 269ms
85ms XHR
text/xml 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AWppiBTM2N5WNH3WUeqxfLbuj9KuseAtMydqkDj0x7TbKp8m1T1kpXMw0rcwM_UqqNbmrVB-qVwPjtGjnqHEwnSo26hw&cry=1&dbm_d=AKAmf-Aq2biTN_1h9oF3L-W4JiFkMbO-KGwh6szcSoMSV-HcGWZh4Lnhs7XuCINfy5mm5mDcJxemfrN4S89FxTEx98glM5gcZjewqslRuyAlzs-rQAQ1q_-_XB3TCdSABlrND8A3ncBFFBDAszKPcIA0VqPH9foskUwS7yRaBLLAya8vPIMa6nbKDee_QkWXklpwioaSg6Lprx38P6p1jiIl9PkScyQqqRVUSypdNjyWldZsQft5Ih23jxpV6Ji77CKk3zeRA2BG49Wn7YbukcOrdEXQeG8WYjzJNEoR3tpLfnvrjcHqSnHWQEqUDXqyAaDMaMsUrHAmFVkEtcVBi2Qo0BT6ZrMLLc8mUsAyjEwH5NgzAP-eITJ73bg1ohQkCxgj6l_ZG2TjujwK4c4C8Bwp7Y7WVxyOMM_SYi4vK5UuyZ4D3AAcm-XtmPlFQNjmd3vLb4xQT9qfy2EPqKGK5lxbdgwYc-zw1sYNgqaM-lYQesHx_771OfeREbURhGCtsid9bFqVPun4eL-yVBCpP_X-IAWXcnBe_mYcn9mlbNT2GFOr-bALKPeVOIukt9dhBl0D8ilygYfRaZg9EJR8VpEdX-h7R5Eeqpm1SJtJfBNsalEWUOcLZJK7jyXfwCZF5UAKHHo8cX2luRCakdAufPMRvr5KrgiGIHvk-oZsBhdy-pS3qgHy_L2zK36AdrMbQhXg4POa_awX0uKi_xBx99btk4IntOmo7JAzauBGCDeFvD_xbm5DciR9aycGYobwBTsB-Q1sXmjNcQGwlpw6KmNt5TERwKtYbHsduZHreP3yIOJVOFjxRoOvMCZfpIvWrDlH2YIu7Bg7XFx9hNw-FKU-U9t7NaYZiaf7_1wS2-33qCbPh4ASVtpUGJ5vBoihz7DQ_Yl9GGIici0W5rJM_DJtYICk_bOz59raEeWVGk_D1Q3eUiyqG6ccnSy1KUdTNwlT76ehilZQyKercb7uLIHXZTgm6QLuIwl2cIDB0Ssr3W7QtZSuK4LNSh01V4u-kL4Y_oq86sjWw0qBr-dL4Ms9lMZfkw6e6X2xVPjLebdvK2hk7VA6vIpmbrACN81HVo2xkoMqoSDQ91U8w6qbnuT1RIuy7JqZINtwJdpdcg82DTZPCjWQGdioPrtT8VTDBLP_CU5SbX0MgGZ9OQvHKoCTFKje5U7oWmXowxHjgDsSTaLxE7ErTdF4C-kJOpl-Ty3tEl_-l7iUHuDJEE803vv18LClhsqgaHNbW3h1En1ZaRhozIb56vMJ7n32qZ-3nILbhl9JuL7YYj1kGg-hJd_15VnaaqYUOVudtLi5c0esC90wR77rQUXZEsZnZhxXVJ4FlGLyOmeX1fqc_B8ZjClPu6nujTlyOYLy879feyAKM_ZDbegcrDqbaw2WD4JrDPqvBTHphEdmnEHxxHljIL0EPo6K_RgdoEi8kPVERZstluiDFlfe3bijYvbs95GJnWsVpUa8oIJhVJOCQxfFU_bbgtxlBK9C1TeL97S-XvWbQayAyyWqYK1XvlHUaq85iflJzs4ouY_CxKnK1iJY8Jaamnwe-RmL5l4slbrJJbNIwhY8I-9VJyARtLTYtCZ_-Eipp2OLs5mPEt-skM-cvdaUfdE1WUIvyWYWDFcoACS-MLmSHFhhFyL7-dlypuJAyuAxnklJ9cpOwmHWAXco6fPuskPW6w0gRw-g5okU4JuJdb4OBKyhZyI4sXb_eEUT1pYErtIq138Iygrw135yK6Arz61IZ47e5d8mqp2U1jDSFxJX8aTG3QROsJHzDm_eD-dPZYmT7kBhQAQtiGKyUf4KhwCpae_H3Uq_7ECujTbcvJQBzlIsJcJSwfi4OaX2kW_EM22kgK_gWYutH2bkgOx7YnlAzNpWA_haRDwFOWaiR-OYAaIreq5hXaKFLJx15WUOlowMNDMaP36jHTb6URJVrHyYDQfhHfUAxO4j1t7oAIfOMFdr_dZ4ApkTAzO-5_-BSdQ2c5xpxvnW3qgZe0DE55xbOBt7dY6y89EV1FsdAT1IHFaOX1iczYGuM-dRc8XR6I5LWTQIbJos5y11TlbM5ezmagBRe3hIyJI2EZlXM8vCtBrI0yH7Xe-QGYDkAcwB-ryemayaiJmZnjtUSEsmbjIwl8Ly6KfGvvsEpgM4V1qvIxAToHy2dlIxdo_msJI1MJIt2wn3gFA5z2VUBqLW7MNfgZ-guWDprETDt8LfscHmjb7ssqZl0s-P51GlA_6JiddUwUK3ZM4ldbw9rgwVCQxqfjqiW3xarKgvg18v_Ng1IQlIUM9j1_0sOfZha8VSRKelBzIV3ZjvkMPun4zGms7EgxoP0ftQCGYAyAXsW_780nTxboGX2aMDUAi8LbELLV0CBnBIrX061RJBYFSq7W18LxnMdu-qc_eNiGWi3d0oETytC1JHM23F6XB0VFWYUUuBF0pX7fRbgLGGHmhYQmd-lMmzFn-YHDEpwj-lWy-L5H_zZdiLAPuFSAfrOK9XyM9VdNlicyUTyjDG3IBnfiN44P9Ltw3HiWE1JLPu7oxfofOdbieroBqaIGaPYUAtl9LYhwnkcGEMv2-tspZcA5J1tYZgUcOZn6-G8Etrqxsj1cHeKR3fI0-QmzHtgu2KtHChaBCyrPMFv1G_xVWO9Sn7K5ysX8lQFhK_WRrUws8O5mxx5e1NJ4BUCXjYrm2r5xDZIA-KIP4r8IWLhtC0a96mlaBbKRzHDoXyVXmnCnN2fzkgeHe9O14uf5Mj_OZH1efcFodYZ03a92PiV6uTeNaT9JFNwLN4tRiREPTYpMwd-nMvkAANe6gLu6wDxmIEivDEvICCdy2AfFqVi-avnp5V5Bba19CBt9acKLABFmQqxQCd2LDZz75BQBcpYiQ2Q4SsoApqCcv8Jk-o4BFX9SFaLGn7yicVBsa9Kz2Z3YkRP1cq_fPL6q_IwnBdNEb4tFrIAgA1rJQgZVfoOe-cjrfpxMzHH7LnYEin2v6Ihq7CwqDdZLvG0kW-0CJFNrYU0WAf1K3YXks1ToowLocTXOv0qwH-tqCjphJJkrIPkytEFsYWx4r6BTBstfC_r6ZmNx8BAScz3_yS-VQTdt6k1jp0y7CClKEzMuq0KiFn34HkjjrM9Z6H2Tu8E9y9peiJuziaVLzeRwtG6a7tCMHO2PTgfKJWd5-x8c1VoNDBI1o1pfNhQBgKaxdbMOH5ZsC114x7uI-RryJadygk0gxJ0tHJJVZkO2QQ5wvg25LMWgQIDKA0BPFk4I7_blQ91iqYXgwQG94uD8bW2-L1QxSJZ_LocGz_y8fd72rd0bNm3-VNs27kZ3VqYfCHxweOIhNB7SaUArdKYBU0uk4o7Wb53OpE0YzX2zbNgFVGnFW9AyY8oKOQU6arMgiUnhgP7KhKpK6fr8KaDnC-k7e-9A0lhw9mFqJep3071Ipeg0fKscCU5UXuzHZuaTE6RvyxsyM9O1m2ghMess2FqwCiOqhZ2TJbSB_4RtkU8b_OlJ1uDIVXv9Yc0-HbSkS2R_6uKr9_HrFbUh7jpYb7_XYKyjuURBYCC5sqTp9-lUaLIjLVp35cOzFnOgs5ANHZGhOZezCfC-DoK9HZu0Y5IwDJTF_NOVnj8SK7OYQeWK6OXlCc-3n0Aan1lyrz2XAAcc7xU1DpSYXn1KHl7BEaMUSK05cFq6-PbevdV1BrfxCD3J2wW5XNIzTcNOfwHHfYZ9bo2WWwzGw3XvnCO2pwkeHbxfaSgoN3U_ROJf7dOQqRpIy_ZARTtN7XjvYnjm47KlFxhDb-dNefbztMARZvh3mjdQCz08ssOf90QWihTseHiJh6OZssREx2zQNYnyekYxhycIWEd2pf47DSwkIfBhrAWecrog4TyEPmDS5osYddgUUvXojh3S_SrpPVgXQQopQQd80fI0eKauVvDOxjUzyxFQcnKbk5Kvnb2v__9XmW3U2bWygv5NltvJxYHbsjLcg5ncl5cdqqildhAPipuGIhg8jMY7iDUwkUKZMnZnBVzaUCLo8CJUxyKBg1gMk-TdCRPbhkm51UrWuI_m557_lJFhqObRmfeP8ogZXbT0pgAdfBpwRBfA_6tfs&cid=CAQSTwAvHhf_TYekNFuW46iQZSyIFB5XHZYw69KatrjajbbOUtFX5hG_oLmAMuzf7zW-6N6VJyja9jd_oMlLEhv_TuU3JptFziNTm5454OqiQ_AYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

d0557b6a9b249ae7cf18386c9b9f0ab9ff7515800134e686e094807f18987133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17697
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5BBE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14b505ce76de15a43f18054e2fcf5a60c583e55642a99748d3ae11f848eb9754

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BBE 0
0 84ms
70ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAr42SSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMBqgTJAk_QPRGJK9JwBeHXWJBww2kW0Pbj4sXl-TNzzhukk3FvXEXkCX2ulu6sEPqzJx3U2uv5pHdUn0HThWrLHaIyI9wHKRG6SUyMX-IPtlCRX1ZdUF1DwPjBUj1YV5rFZj4w8Rx_oTZHq-CpBjVOinAk7s2JTaRJNiadW4925I0nV4OXwpVJQBytf66zyd7jV4_jWiFF8E9C8XLFgiRKvB91AKrDRUgPQF-HUJKSJe8GSYWRPZwgCCdKbKpejKJptuoxVl4jyUsns5YejYADF9Ti8pwNt6-BzOTTnNfpYZCXGiaUveeof1nY9yDBDwd1uoHCwrPK9Vk3eQh0TOWKfq9k0TXm0agrBxSI0XNh4idn7mSUzCgJwycPErhm51u7RTvC5Uj2csPgvelTMJuGO2g8Yp-nHjZQJSJ3jUlABW_2ieEaUZpsj623Z691wAThsILg5gPgBAOIBbOWpug7kgUJCCIYAUjTk68BkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe138eMA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcKEOr6Chim9PrfAdIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljNx_69u7GEA4AKAcgLAdoMEAoKEKCzsbaAxcmEIRICAQOwE8HaxhbIE_uDit8D0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTI2NjY0NDU2NjE5NDg2MDIYAOgXBA&sigh=wXXcDmteZMw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_TYekNFuW46iQZSyIFB5XHZYw69KatrjajbbOUtFX5hG_oLmAMuzf7zW-6N6VJyja9jd_oMlLEhv_TuU3JptFziNTm5454OqiQ_AYAQ&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 03:47:22 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame C915 9 KB
4 KB 28ms
26ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:16:19 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 19:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame E9A9 9 KB
4 KB 35ms
32ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:16:19 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 19:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWJtpVtavNAOn_kNH7-A-_NSa8dd6Pp2DJRGQJZun663cZjjuCG52dNA7s5eHlscPZ_Z7ilL928ja7ZrMftoPEEKxcuU5rXJusbkvrv9VzgUr-n00qmaliiLeJZ3lTEgKxUY5XcAA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
59ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWJtpVtavNAOn_kNH7-A-_NSa8dd6Pp2DJRGQJZun663cZjjuCG52dNA7s5eHlscPZ_Z7ilL928ja7ZrMftoPEEKxcuU5rXJusbkvrv9VzgUr-n00qmaliiLeJZ3lTEgKxUY5XcAA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTQxNjQyLDE2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wZXRhbHBhbG9vemFwYXJ0eS5mcmVzaG5ld3M5NS5jb20vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aec333ba15f0f3b69d0cc2e24942530d78333fc754a7baaba8a351ddeb7bec8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2OkWSlCoSbm-MaoWB_fElA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-2OkWSlCoSbm-MaoWB_fElA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhbo5TNw6sYxPYseV1CgC7OUeX"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5BBE 0
54 B 365ms
224ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lspjfi67&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BBE 41 KB
15 KB 41ms
28ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 12:34:13 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 5BBE
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

116ms
25ms

Fetch
video/mp4

2607:f8b0:4006:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52CC55E8714B4C5F05ADF33D79CB04B320C189A2.1FF80FA2D16A3CFED50115D27890B06FCC2E414E/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:8::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 03:47:22 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4095149
Last-Modified: Tue, 31 Jan 2023 22:44:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 17 Feb 2024 03:47:22 GMT

Redirect headers

date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/52CC55E8714B4C5F05ADF33D79CB04B320C189A2.1FF80FA2D16A3CFED50115D27890B06FCC2E414E/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 5BBE 453 B
590 B 33ms
22ms Image
image/png 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2666445661948602

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:08:23 GMT
x-content-type-options: nosniff
age: 2339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:58:23 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5BBE 0
54 B 352ms
224ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lspjfier&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1981&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ul~atrd.uq~videopreviewvisible.ut&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame C913 23 KB
9 KB 61ms
44ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C913 9 KB
773 B 73ms
63ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Feb 2024 03:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Feb 2024 03:31:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Feb 2024 03:47:22 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame C913 15 KB
3 KB 39ms
22ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:19:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame C913 379 KB
132 KB 40ms
24ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 05:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 05:14:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C913 20 KB
8 KB 42ms
26ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame C915 15 KB
6 KB 63ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:15:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame C915 22 KB
9 KB 45ms
33ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 22:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 22:15:14 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FBCB 624 B
242 B 85ms
73ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY1bvscTAB&v=APEucNU5D1erjnUGusmKnZze303vttG0MDAohQ45_-AdwVtCTqwsPHdKzrO648Eb8ebjX0gsfUUKX_UxI4MgwrEuibpFL2_jeA

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 03:47:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6BC5 172 KB
61 KB 115ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 6BC5 8 KB
3 KB 35ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:53 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 6BC5 23 KB
9 KB 49ms
41ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:53 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6BC5 41 KB
14 KB 49ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 19:42:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 6BC5 3 KB
1 KB 50ms
39ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:24:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 6BC5 20 KB
8 KB 59ms
49ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 12:56:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 12:56:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6BC5 204 KB
61 KB 60ms
49ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 04:17:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BC5 42 B
63 B 102ms
91ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DnRSW8p_4yFcwZYjTtgUqcMY7hVbF5DaP1VslETNNlGH9r5edEj2wkDbTOESCsh6_E8qoHc42kr1P6WZuaHiGS9eEXqf-UMPEF_25D0o7zRcDiRUw

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXLlCOerErHJ-FvngB_wQVFM6dTPmR_hlz4Q2pRqSenfxKsmb9CDIl7zon951nsIgZNN_O4Vw8_MscyuI7mkiVACmq6vJeMsEs9xDo46sQOl5RrZnBoekdtVHm9rdK8jjy3ApSHzQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 67ms
63ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLlCOerErHJ-FvngB_wQVFM6dTPmR_hlz4Q2pRqSenfxKsmb9CDIl7zon951nsIgZNN_O4Vw8_MscyuI7mkiVACmq6vJeMsEs9xDo46sQOl5RrZnBoekdtVHm9rdK8jjy3ApSHzQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTQxNjQyLDQxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGV0YWxwYWxvb3phcGFydHkuZnJlc2huZXdzOTUuY29tLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad840ab2de3c3dd88174356ea4e811fee92f2b5f272ac98a4521bd53a34b003d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ucCLVFkU-Q_827zaEuXKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-ucCLVFkU-Q_827zaEuXKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKghxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQbzkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6OUzcOrGMTeHHs6B1GAGCqTUA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C86 23 KB
8 KB 34ms
27ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 153095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 09:15:47 GMT
expires: Fri, 14 Feb 2025 09:15:47 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C913 0
54 B 223ms
223ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lspjfil4&c=2859449502754&slotId=1429724751377&qqid=CN3Agr67sYQDFR3e_QUdutIKvw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C913 0
20 B 99ms
95ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ClD0DSSzQZZ34Dp28998PuqWr-AugoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoExQJP0H_HMfFmWvg4XuAuClkiz8QfTC7fqLlX1qqT7JcnL0JbQjmysMD0CI4S5eseOz-beDV2FieYqL-AkEVmaGc01udlqjFIF24i8Adx9ooSBl3d0-7bdnKiaw7zlYzO4Bzpioa64wj9pLtVTAIg1Nck8SM97-Lzv7FXggWqxxba_5ATbCEC5Id3LGzSGXA9pLnu6C4MXrGQyPaN0ClK1vFInHk4B49E78YaDI_vUjc_bgR0RQJSPTD2wWTwwhyVoa-GH4qg4AgVpHFQj_vsC77LbDh9VmdwiX485ne80jBrNrppyxoVCFpSppPT3wEf7f5UkvsZTR6RTYtBUGtsNlUFB8NTjEuKbb8Zpo_tE88tw3sWbh2XWApM5sanj7RLvJ4T3le2vlcQPBL3ba7XxYP-lnrMeEX9IoJcr5F-2lTlgHrRNBoFwAThsILg5gPgBAOIBbOWpug7kAYBoAZ2gAe138eMA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYlMeAvruxhAOACgHICwHgCwGADAGqDQJVU7ATwdrGFtATANgTCogUAtgUAdAVAfgWAYAXAegXBA&eventType=clickstring&clientTime=1708141642467&ai=ClD0DSSzQZZ34Dp28998PuqWr-AugoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoExQJP0H_HMfFmWvg4XuAuClkiz8QfTC7fqLlX1qqT7JcnL0JbQjmysMD0CI4S5eseOz-beDV2FieYqL-AkEVmaGc01udlqjFIF24i8Adx9ooSBl3d0-7bdnKiaw7zlYzO4Bzpioa64wj9pLtVTAIg1Nck8SM97-Lzv7FXggWqxxba_5ATbCEC5Id3LGzSGXA9pLnu6C4MXrGQyPaN0ClK1vFInHk4B49E78YaDI_vUjc_bgR0RQJSPTD2wWTwwhyVoa-GH4qg4AgVpHFQj_vsC77LbDh9VmdwiX485ne80jBrNrppyxoVCFpSppPT3wEf7f5UkvsZTR6RTYtBUGtsNlUFB8NTjEuKbb8Zpo_tE88tw3sWbh2XWApM5sanj7RLvJ4T3le2vlcQPBL3ba7XxYP-lnrMeEX9IoJcr5F-2lTlgHrRNBoFwAThsILg5gPgBAOIBbOWpug7kAYBoAZ2gAe138eMA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYlMeAvruxhAOACgHICwHgCwGADAGqDQJVU7ATwdrGFtATANgTCogUAtgUAdAVAfgWAYAXAegXBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C913 0
54 B 228ms
222ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lspjfilg&c=2859449502754&slotId=1429724751377&qqid=CN3Agr67sYQDFR3e_QUdutIKvw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.12m&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C913 30 KB
17 KB 70ms
66ms XHR
text/xml 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CwKDgT6iU3RJ7BN5QAl_nuzeWBw3LWmqw4bLwrurqv9i9_aqGbPMlUlp__PhvYvNTXzzQlhQHtW2OIyjyHZxlcuheZaQ&cry=1&dbm_d=AKAmf-Avj5tgJU7pMfqPEHOD_7JuWy2TZIGT5JxYlWFKIott3Df7NRfGvHJw89wb90hD5gXlgOD-94ayA06uQJ2sCTOfBhniFg_fqtJio9z1Yqag31Lqu8JhKZav1QH9Ku95njWcaKNK9a5V0kHLSaGs6QZWF2qjw9tikEJUhdX2cBLWV1ix8AzxKq4tt37qH6YkXI9wsR1TvVSU8y2Bg1Dbe5FgLoY3BISPipZBhVIGcH_a1kc93oj7rUDWKeTktxjMiUhOQK0OwEL4M9qkUozaJb7YuQx7QjErz-RtleLnJNNLGX0pEaoxvjnXzVQJaQGYcvXldwcQD3hChw99r0OMIvK2hJAxAlLQKCyDsAEfB1h4_YjNrRcrNh4G4fXWnxWK_5vrKlChXjZXE9blrvNhNY6trOAzicIvMEsrgobvI-6tD8VnDsngBwziM41pJwufhrJ2fGOL-K0z0h09JXWu2tq80JgUO5R0rqqHYxbMHa1BjPjRzjWFYlKxQlBCiTjgFdZqQSrn3klCojGvsxYjLdg0blQHlXxcAPutNadB-9lim2Kgv_1cNPCw8kNAbkPQcxp9of5XUGkZX6Qjxg-S18t7Lw0diYQutzRruEoe4W9JSAjtpb6JvHWdEyO2Q6LYgrmzDnTVMl2as5MMXmYb0hmWIl2yz0a423ozHBQJH3GgH5MzzR4C-gleyUAMzGPtee6A75pIlrTyDtuKi17lJEq2peu9gUH4JZB6W9E1rDLPAwk5olSdhXINZcEPBrX7H2ufA99S2bjz04sUi0VEh4yLO4SVqZt3t904M2wlEexTkHCM_dzN8ErU7gxHmWoQ59IzLN-JoD2HQTRbEDp1gczNMjFOsCGEk4_E9f0B0yZPpDn1Vu2hk9CTbmoUMt1RPvNwLPPh4cW3DHFzy30sMHpQtwk6UO_ypQ68AzKsjlOgaxdtiVGDVEVC_vCZHtfQ_HRxVfkOGItN2HVjHsacTmy9E-lkYaWbMV_AZGH5LkvlajznQwFZDuwgyxYVUFuxVA2TjkI3VazoBPm-MR2lT0lkSZzgQXoZzXi3eKoIlL3EBQlSBow1OiS3kmTB3T7zAcK2B_ILr6n3f3LKpDqtUXV9H3E7ZNfPqK-V3sSERM2Jj_OMuQBdY6STyMCW8Q_vxw3xSbpjZrfyl_ZtXcj11HLV39xejKK1SHtdw9T92TNOJ5CEDCyIkCgZ3zl7pHWAwxt8zkfghrmnv7oVmKSVvOHaFumZIRfYKjX-v_jf9_PYelqhqNFLoStE6tuJN_ocmx9R-KPFoR1FhkAzDhjrCfTonbbNCj_Xtw3lvFE0LouxT1hUhv3nA4qwHBAbkOPwjaqxrNyueU7t-qhLOtxp76KF_XQwmiAHfgNPjRRk8wTjj7sbOHmfN-ejbTbT9nURTAoPNgurPoRtFZsrgCgoJteGlihEIn8kI8ca9olf84JMM4IQzfbbX-iR79f0q_UHdlg0QpFS2wJftz4-CS6i0GLPbUXLwTC4oVn0wtZGe1xZrxeUJEw-Vjq5OL_-4QValtKJfnWSn2F1MvTKVgvSpk4WI_S7k-STwSQKi2Dy7ZyIsby98rtdJh09tRnlXIrfQk-XfwYNQQOS_XK7XDB5-JTs_a9tiwMSark9htEXG3yt4moE30wtUTV9fKZEnfRRUxvq3cpjEPCoLoOL6usjSPNdIS5DzNTpvHovICETC8TzvfAwY5z181fRHVvpQUFaSYJpKDMi-Ek2sRVSiSgmzMm-uKI5nkl9XeKVZ7CFfMyxY2ArsoEi-gcGOeMAgbmiJiR8B_334bkg6RItM2K0aC-jTfjnMSZPc2E_33B8S71v-oa1NZSRCG6wotSDuwmxgeI1xaYizO4CEniK_z-w2Z38fXO0Aus-GBMP_F0p-zI6KICQIqu3z3f5HkRtnmwWu7D3NmWQV7GObxpqI6CpkfJ4TXmeVqGV0HeM9iKfhoyeQuOovoSiOvmB6kBg2orpmUVkLsbowMVbDy9PS4EU6aOyu4vMb4f2AFVhvpnJiks-gG9fEYJe3S5Zs_9eYNmqDc7hEeLuEaQiN6Q2S36T5xf5iuM8t2rEUtpNnm6ZiIDPvyQuVWRuKMerW92eh7mJOlReUn6bfUdXiH5b7HD-0vHcW-VVp69vkAxwrxcVjMuqjl9YRagoX-tDtJ3zP9t0vyUsZ3xQh8_AJGdG4ViPxCdsIjii9OF8ZM4ceiCrmkpa29imzJ3LdQntv9su-Qe4S88KNWErKJ82c6FkVB-wWkVPiy7SSLv_j8BS6P_GCCt66aiyyBJ7SWwPAKmQg8toPsznJgpyKmXy0FZasc2qaQNOH1KfHG9O9EPt9XjOpyUZwCLinDPrelDIeRYWZ9KK-mG3nZZ7E2GJ2C3ezfJ25pyEogMHSMRHw5atEEJk7WJurYCT4KbSgLZax-2XH9ci3TQfkbsQXku4I5Lyz6A-Xi-3qpRqUy3oyFN0EtRnkbBmY4h5OodajHsEBgP0_FvsbdvbGnM0P0AGlNyiIYByp3LA9_matcun4TUTi8yDbybBIc2c_gZCypMJ_fJ8091sRpIKNxwV30ynn36FBUex6OgIOq4nWGdsHfMJTqwZqGc0p-0FShFI7rT6ZpZExhiFdDujbziOTGe7QIMLG3h1BE_u7mSNV1YNdpElInMmC0R3hHTJ0uz7x7w3KkNqndVI1eHyReZ2A4pLFXva8Q7lyeegv-Y9AAhEdQFJt8taAWC5O1x4YSwztLfKGUt7SHucny-ESwVyE4RDkqLRH2w1cLwkZ3ROSnOuQnInTBUCBUZyscXbsbse2jqgHRdt2IRDvD3RMQNiKzbs7A3T1nU0LtABmkDDBZv_tzAqpgJaVKODg4QFKf1kqt0jTV-r9TCKH9t-mzYqVnGEVO74Col8x5OdSD6vssVgV8BOHrrNo-HayrTV-_C-ZjxAcjIF3PzmTuk1ebYEzDsqio6ZyUBr8ZAMl4rJhactZ12bsATXzgoPf5Kub6I8VjbouVeAoGKOeDFOfElxyH5h7M3Z4C5qE0NMe6_otf1sPGwYTpjYV59xwbbuZgj9LP05BWPYRJ3O1OxT3Vyim9RTBM5U1Mf9llY9EHfZQbvBpMNnHqZ3pw3aG4PhLgOlqbTH6vrVcsYXkCpSHlKeBkcXsqITWO7Mb9f4UJXehg0gs52KeRRx5lPeQ6QU-aepMBLz2_cPPmsD4PztG1ibY3aMHb7-IPDtnPoMqvxq9bKM4McdLVqQd3jd_7Pi0j8elz8QwDU9910SkniZTPLxn7kyGs_LhYcCGzNBu7kSlPxf2P1rMcWuK8JeSQ-OgvzrQchZTbShcjfFFErXIonuehCXOa_y_cU6_Xkxt-u09jhC7-003WRe4-s3dZ3UiU0ajfWWaC8rGT6Wp1ubWc8YPxsmNbV67a1GZo5nUmmLJl9HSU_Oc9Y-y6Q5RavPhGRev8pWYPEXXdcV_TrIF9_jqkAkKvAcckz-X93ZBnjATwIfAOOHrUOeHBkJSFqEVS3rua1TC_9ic2HpvbOLg0A7cwmyvD9VKrZPHyc5sPzP3iN9zT7zv77AF4tgR5UAY1xyM9jKJNJyu8__infGuuBv9GHtfKAKxK96d_7pSozQ7U7ugpM2fjiXyZr2z61DIupGEhJ9iMG_j3tq2_RTQ8dK7r6gCIjIOc4yHXYUScGc-bNn92JpEwhE4YIdSmg1CHiO1Gpto68ZEUHAt5pBPfEavBrDmrQyndXeTPs9wVlTJtGr1nm_mL5UIDUec8srZq1qsxrAy6utFoW5C0eiWH8IMEdnzKUgeCn-8Ph3MUsJV4ckXGQ03nK-X7JZ74-SfGn3RtZ_KaeJElapMuwEUbFf1z964IuHqH86uC8wpBHlHJas73g7wHZ5BMfxU2ml10eB5hThtwFrOTv_DK_eVmIxmkPnhgMqJrWdC59VdGxMJYchDc4499Rxd6Osji58krhdMDgGob-Pb9i8GP6U7du6NBrR3OLkPSNJJH6PAixlhbDFCsVsSg_mYm_ZbywdokuTdz45OU6JHL0P8WT7NUL7vP7TaSRSNb9OdDQJnbUfqg&cid=CAQSTgAvHhf_MNSwj2SeuttdizTBsHQCXKY4GpgOJl-2E4_HJM2TL5FJeLxP1ltfjB-64I7ghQZgSjLsgld3SgmwKm8OcpB5X9gXrQQfy-9HbxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

1caebeb4fa2f6d63aa8510cb09fd59905b7af50af53c3e5fca43fde5c658ce0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17652
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FBCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1

43 B
342 B

47ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY1bvscTAB&v=APEucNU5D1erjnUGusmKnZze303vttG0MDAohQ45_-AdwVtCTqwsPHdKzrO648Eb8ebjX0gsfUUKX_UxI4MgwrEuibpFL2_jeA
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzh6TCxvP0JcRMbKVF30sm9%2BeKam9YBS2dPx5xHLbLtdki8ZC9s8ssU0EmJdFGX%2FJ%2F6P94k5I%2FBzPMu5dUMZbdYuONeIK864%2B2cirwsddTncvsEEg4V%2BEylO86hbgCZT6M4vwbLsBLfwEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856b0c729a7d36cd-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FBCB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdAsStHM6kgAAAONAAOrlQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1

43 B
768 B

54ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY1bvscTAB&v=APEucNU5D1erjnUGusmKnZze303vttG0MDAohQ45_-AdwVtCTqwsPHdKzrO648Eb8ebjX0gsfUUKX_UxI4MgwrEuibpFL2_jeA
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU8%2Fnfkav71jrVnasWYBZesI5BvxbOADxdPKC7owIGusPeyp0pby3csqneREJbBjPxD7DhDxujVsI4Vproyo8tPccyHXqW3EOpz%2FFhlCtWaypaG%2BmikrgnS88avgk96WT9mDtM%2B2allZxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 856b0c73887a53e3-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOQVq38a1Qay4JuSj2aYW48&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame FBCB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMxN7gsF8gM2y_9AEs8Qb-k&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMxN7gsF8gM2y_9AEs8Qb-k%26google_cver%3D1

43 B
1 KB

35ms
32ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMxN7gsF8gM2y_9AEs8Qb-k%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY1bvscTAB&v=APEucNU5D1erjnUGusmKnZze303vttG0MDAohQ45_-AdwVtCTqwsPHdKzrO648Eb8ebjX0gsfUUKX_UxI4MgwrEuibpFL2_jeA

Protocol

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
an-x-request-uuid: cef78e98-6d60-4229-b4c1-852eb3e6842a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
an-x-request-uuid: 13b7fc8b-7b90-4d6d-8d56-6bde14e27831
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMxN7gsF8gM2y_9AEs8Qb-k%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FBCB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgxMDMxNzQ1MDQ3MDU5ODA4

170 B
243 B

45ms
44ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgxMDMxNzQ1MDQ3MDU5ODA4

Requested by

Protocol

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
an-x-request-uuid: 37d65490-dc54-4d94-aeca-36db0dcf036c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgxMDMxNzQ1MDQ3MDU5ODA4
x-proxy-origin: 96.9.246.196; 96.9.246.196; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6BC5 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e422fcef2236aa4972f19c16df99b49541c27e02ef5ae14682661830f8fdb43

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3285 38 KB
13 KB 36ms
34ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 77260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 06:19:42 GMT
expires: Sat, 15 Feb 2025 06:19:42 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C913 0
54 B 227ms
226ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lspjfilr&c=2859449502754&slotId=1429724751377&qqid=CN3Agr67sYQDFR3e_QUdutIKvw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C913 41 KB
15 KB 31ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 12:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 12:34:13 GMT

HEAD
H3

200

https://gcdn.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

51ms
28ms

Fetch
video/mp4

2607:f8b0:4006:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/506E5B625F02093859F1857841268CD960BD1E2C.9CB0EB44165750D3DA600D2135AB8D1E27999C/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

2607:f8b0:4006:8::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length: 4095149
last-modified: Tue, 31 Jan 2023 22:44:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Sat, 17 Feb 2024 03:47:22 GMT

Redirect headers

date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/506E5B625F02093859F1857841268CD960BD1E2C.9CB0EB44165750D3DA600D2135AB8D1E27999C/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C913 453 B
478 B 32ms
26ms Image
image/png 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2666445661948602

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:08:23 GMT
x-content-type-options: nosniff
age: 2339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:58:23 GMT

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 6BC5 1 KB
976 B 114ms
26ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275800897&ord=716345945
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 10:02:46 GMT
content-encoding: gzip
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 63876
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fyjop-2cev3vDdPALQ3mEgTH04ArKCzYtBnq1Ty58eIEcJ3gAXZePQ==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 209 KB
31 KB 98ms
42ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 03:47:22 GMT
expires: Sun, 16 Feb 2025 03:47:22 GMT
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6BC5 0
0 171ms
66ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvcKdcM985snffDXAMtuiCho1puGsK4S5iKGN3Xx9sxPb87minr0gXMw5l6tcKYWAZxZr82CyJirnMiKA_FvDqaW76B2o75Ukr8UI_RBWRVc6Vyiq1NayMuaYbGDWrFSz4L3v1kzfYn1laUy8HcNvzmAJBgGB3FXTns0wxlYn-Z2zGE4en8kv3NOp1QITx5B-6dzHTW_-uzPw-QcQALZFlpC2sulRnrMD3qBuvTZkqMIo9GCOSJnNqyvZ9c-sBg6VIzpR3PQAhlzebOGbZWCEkCeBKq6iUhkIYRXNJRB-ryfKkoHHyI_UBnlfRs9YBuPjlnn9PjaNI47oKZT5eTEjdpzBijVFetobSMqwbuqg9KDl6EVY-K-yV5EejJVwOatyuhoyXGlEBg0LfG_-YKPceTdGmVmRdphqiSTpymJ1v_wAzJSume1UAscJB3NhHAfd_jPmxCgNssma4Z8ofqRM8U29Ht-dTw5VWsThj4Vb223HxO-ozAbOoWqyMdCqE_4fAICtXabWYwUTkf0BfTFGjqZWVvZ8rXj0ymcssuBhSVuCoy4yOtw2JilanVAPb8VxWovUKsehi3zviYuHTlxU59lgwHZ5dqPdRnnIWsNajQZcTvrftCzGFMa-GZUBu4WXwLWsnqHjMfiCo_6PRvwCb-fGcyhNDTEHkwW7GuR-Yk4lGT7vfgbOKQcZJ_aksuaq2qs7Aczvp_s4O-T40Hl4BFNXlha3P4qbzulbHx5DWBmhkLkKL-s238v52i9qj6seEg_pIEL_MBjE2IbbHpBSzKOAyuvBQlhiLmiogdtXb9dWzaDGOOdOjgDZq9_WWJTqdJf9fm3W08mBoEXtjfi7KzzIvrWNwnzHKeZGLef9FBIE-JAveqRD6op-x6KlZiedUTEN1tjK88eWBhJyM2wE0hCNmusBCBjMqgxIrCCrMakBkJRIITHBecRCrQphhH36yMAfixdVy_HL6f4xnT8s0jWF2thGA7TmX_QQgcIwIeWjmTpgW2BXzMsX_IcPf58eL2Jt_EZmPAhuNBf2HIibT7P0Slk09VPD6MqFPKMjKo5YXc5-IEude0QH1EFYFWQeAWl8sNguV1pvlBEdyBHuAdFcv5v-nZ2b96XPMoCkg_XqS_cy2hJ27Sm3Yf7hYht2zvJIS7Q7Jfljkk9H-OnijmzBTt9ROI9e17y1mh4HdEjmUrh36O2B9kUkxze-Fvn-Xl1_5WF7K-egZ31hO-idyr97fm5GTWYlPvdesm3eIqV48rqKpeWsULT1ajQI8iUIDpmZVpCTLELYk-2ZwJg4fb5P5lt-LjVPs_YDs7F5_ZCj5vSMTpGou6Dskh-8DROj8UGXLvRwggELxHMk1cuqaY9lj9z60-UScJK4U6DEdCT3OqKK0ZK1DTUCiPIZkm9egQ-b_ZWawxC98Kj1GWE-veFLF_dT1_B6ISFYKY1j3LsLjvzgubOZhy2tP2q-QG_sAKIVTyItFNLFLNZhhalor-n8nrcPyiBOANl8HCG7p0dSh9yj2tXwFsqfnbA8gH1RGHNRSSS4O8wqp79Wq7JzOWUWKNRe-5jMMu7A&sai=AMfl-YRRbPtZNLBWyiSuocY8akeIOOICU5e4dMzQilfZJA2aWRbmfMcTv5dElRp-6HTXw4GdvjkvQgLUALIkLK5erxcVMtNCKwl-y-VQY2R4TkhKosV61Q_jqfqZOlpNokcKSjM1VsDmIeBdE3AmmBIA84T8OvLbQHuxp-Z_NMEaX8pX9mmOoCd2mlR4wx8qpNEa4okG6-VDPBWVgJXLyJzUnngL4iBqooRytc1nCnycBRd-2lGnV7y6JPBcV49clQT9xYa_xSdrJBAYgWsZEm4Rg0cTXQPY2iwDSPHB7_nI0p94BJTihaYM_2PlVPwFJpno4dIJnXTxfuw33J2kEdOGMZ8-ydQbrsCDb9JA-aMn31Z7vp-34HS3zGqnjdR5RfU8wHPoOr_KTzy-7NPfiVFEKBj463JLWB0zKuADSxqaGPJxA1HEfmgdCQAz6Or3m0XiAEjIKeCpANq-i2FtCFJ5Fyq8D0j9mKrK4QBegHVmFK_V4ID9RpzDIwV7as1EtI_i4vDurFM&sig=Cg0ArKJSzDBEG902TjJnEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=379&cbvp=1&cstd=363&cisv=r20240215.30597&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:47:22 GMT

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 6BC5 1 KB
1 KB 91ms
28ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275800897&ord=716345945
Requested by: Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 10:02:46 GMT
content-encoding: gzip
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 63876
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Reqt_Xj10S89Y69evM-Bzms3a7utJHv-4R8Hrx39buEsnbNHwIMOWw==

GET
H3 206 file.mp4
r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 5BBE 4 MB
4 MB 60ms
25ms Media
video/mp4 2607:f8b0:4006:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:8::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bb21aee637d85203df41526f2820a1268b4f9c49dffc162bb5c765d6955a7403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 17 Feb 2024 03:47:22 GMT
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4095148/4095149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4095149
last-modified: Tue, 31 Jan 2023 22:44:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C86 39 KB
15 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BBF 23 KB
8 KB 35ms
32ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 153095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 09:15:47 GMT
expires: Fri, 14 Feb 2025 09:15:47 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3285 39 KB
15 KB 35ms
33ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C279 118 KB
40 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 14:11:17 GMT

GET
H3 206 file.mp4
r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame C913 408 KB
0 33ms
32ms Media
video/mp4 2607:f8b0:4006:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-ab5l6nr6.c.2mdn.net/videoplayback/id/30f99def34f33a73/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739677642/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/506E5B625F02093859F1857841268CD960BD1E2C.9CB0EB44165750D3DA600D2135AB8D1E27999C/key/cms1/cms_redirect/yes/mh/be/mip/2602:ffc8:2:104::4/mm/42/mn/sn-ab5l6nr6/ms/onc/mt/1708140396/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:8::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 17 Feb 2024 03:47:22 GMT
date: Sat, 17 Feb 2024 03:47:22 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4095148/4095149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4095149
last-modified: Tue, 31 Jan 2023 22:44:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 6BC5 19 KB
7 KB 29ms
26ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1708141642887
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275800897&ord=716345945
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 10:20:38 GMT
content-encoding: gzip
via: 1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 62805
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WMGcCCSwjKLRq59iCLfrfmPALdlOKcoCORY1MX45JFuT2gZS1otFdg==

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BBF 39 KB
15 KB 29ms
24ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 Gotham-Medium.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 126 KB
59 KB 30ms
27ms Font
font/otf 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Medium.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 10:37:02 GMT
date: Thu, 15 Feb 2024 10:37:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60432
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 154 KB
69 KB 43ms
41ms Font
font/otf 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 09:32:34 GMT
date: Thu, 15 Feb 2024 09:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70565
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C279 8 KB
6 KB 58ms
53ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5940ec26d22528868f968cb2cb4e7329c4d7310fee8593df8dcc1e6e50855ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5888
x-xss-protection: 0

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 6BC5 74 B
324 B 395ms
103ms Image
image/png 54.229.120.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?1477588624872=&n_o_aut_tc=275800897&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.120.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-120-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 03:47:23 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6BC5 0
0 100ms
46ms Fetch
image/gif 142.250.65.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvcKdcM985snffDXAMtuiCho1puGsK4S5iKGN3Xx9sxPb87minr0gXMw5l6tcKYWAZxZr82CyJirnMiKA_FvDqaW76B2o75Ukr8UI_RBWRVc6Vyiq1NayMuaYbGDWrFSz4L3v1kzfYn1laUy8HcNvzmAJBgGB3FXTns0wxlYn-Z2zGE4en8kv3NOp1QITx5B-6dzHTW_-uzPw-QcQALZFlpC2sulRnrMD3qBuvTZkqMIo9GCOSJnNqyvZ9c-sBg6VIzpR3PQAhlzebOGbZWCEkCeBKq6iUhkIYRXNJRB-ryfKkoHHyI_UBnlfRs9YBuPjlnn9PjaNI47oKZT5eTEjdpzBijVFetobSMqwbuqg9KDl6EVY-K-yV5EejJVwOatyuhoyXGlEBg0LfG_-YKPceTdGmVmRdphqiSTpymJ1v_wAzJSume1UAscJB3NhHAfd_jPmxCgNssma4Z8ofqRM8U29Ht-dTw5VWsThj4Vb223HxO-ozAbOoWqyMdCqE_4fAICtXabWYwUTkf0BfTFGjqZWVvZ8rXj0ymcssuBhSVuCoy4yOtw2JilanVAPb8VxWovUKsehi3zviYuHTlxU59lgwHZ5dqPdRnnIWsNajQZcTvrftCzGFMa-GZUBu4WXwLWsnqHjMfiCo_6PRvwCb-fGcyhNDTEHkwW7GuR-Yk4lGT7vfgbOKQcZJ_aksuaq2qs7Aczvp_s4O-T40Hl4BFNXlha3P4qbzulbHx5DWBmhkLkKL-s238v52i9qj6seEg_pIEL_MBjE2IbbHpBSzKOAyuvBQlhiLmiogdtXb9dWzaDGOOdOjgDZq9_WWJTqdJf9fm3W08mBoEXtjfi7KzzIvrWNwnzHKeZGLef9FBIE-JAveqRD6op-x6KlZiedUTEN1tjK88eWBhJyM2wE0hCNmusBCBjMqgxIrCCrMakBkJRIITHBecRCrQphhH36yMAfixdVy_HL6f4xnT8s0jWF2thGA7TmX_QQgcIwIeWjmTpgW2BXzMsX_IcPf58eL2Jt_EZmPAhuNBf2HIibT7P0Slk09VPD6MqFPKMjKo5YXc5-IEude0QH1EFYFWQeAWl8sNguV1pvlBEdyBHuAdFcv5v-nZ2b96XPMoCkg_XqS_cy2hJ27Sm3Yf7hYht2zvJIS7Q7Jfljkk9H-OnijmzBTt9ROI9e17y1mh4HdEjmUrh36O2B9kUkxze-Fvn-Xl1_5WF7K-egZ31hO-idyr97fm5GTWYlPvdesm3eIqV48rqKpeWsULT1ajQI8iUIDpmZVpCTLELYk-2ZwJg4fb5P5lt-LjVPs_YDs7F5_ZCj5vSMTpGou6Dskh-8DROj8UGXLvRwggELxHMk1cuqaY9lj9z60-UScJK4U6DEdCT3OqKK0ZK1DTUCiPIZkm9egQ-b_ZWawxC98Kj1GWE-veFLF_dT1_B6ISFYKY1j3LsLjvzgubOZhy2tP2q-QG_sAKIVTyItFNLFLNZhhalor-n8nrcPyiBOANl8HCG7p0dSh9yj2tXwFsqfnbA8gH1RGHNRSSS4O8wqp79Wq7JzOWUWKNRe-5jMMu7A&sai=AMfl-YRRbPtZNLBWyiSuocY8akeIOOICU5e4dMzQilfZJA2aWRbmfMcTv5dElRp-6HTXw4GdvjkvQgLUALIkLK5erxcVMtNCKwl-y-VQY2R4TkhKosV61Q_jqfqZOlpNokcKSjM1VsDmIeBdE3AmmBIA84T8OvLbQHuxp-Z_NMEaX8pX9mmOoCd2mlR4wx8qpNEa4okG6-VDPBWVgJXLyJzUnngL4iBqooRytc1nCnycBRd-2lGnV7y6JPBcV49clQT9xYa_xSdrJBAYgWsZEm4Rg0cTXQPY2iwDSPHB7_nI0p94BJTihaYM_2PlVPwFJpno4dIJnXTxfuw33J2kEdOGMZ8-ydQbrsCDb9JA-aMn31Z7vp-34HS3zGqnjdR5RfU8wHPoOr_KTzy-7NPfiVFEKBj463JLWB0zKuADSxqaGPJxA1HEfmgdCQAz6Or3m0XiAEjIKeCpANq-i2FtCFJ5Fyq8D0j9mKrK4QBegHVmFK_V4ID9RpzDIwV7as1EtI_i4vDurFM&sig=Cg0ArKJSzDBEG902TjJnEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=741&vt=11&dtpt=362&dett=3&cstd=363&cisv=r20240215.30597&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Feb 2024 03:47:23 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5BBE 0
17 B 229ms
227ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lspjfif1&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1981&mt=video%2Fmp4&vs=1280x720&ple=0&umsem=0&event_name=first_play&asset_bytes=191826&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1Zy5vruxhAMVUyRoCB2U0gygEAAYACCOjORYQhMI44T_vbuxhAMVO-rjBx07xA4a;dc_eps=AHas8cCY7T2Ptb8C1GdGBr_IiZRySF8uWD5ScKycm9kJVWF7CymUSt1gRJwD6iJX2GdXSg2eHXonYdoCmUluQUIa;met=1;acvw=sv%3D961%26v%3D...
ade.googlesyndication.com/ddm/activity/ Frame 5BBE 42 B
401 B 218ms
95ms Image
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1Zy5vruxhAMVUyRoCB2U0gygEAAYACCOjORYQhMI44T_vbuxhAMVO-rjBx07xA4a;dc_eps=AHas8cCY7T2Ptb8C1GdGBr_IiZRySF8uWD5ScKycm9kJVWF7CymUSt1gRJwD6iJX2GdXSg2eHXonYdoCmUluQUIa;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D35%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D407444301;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708141643181;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5BBE 42 B
64 B 69ms
66ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CA1wdSSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoEzAJP0D0RiSvScAXh11iQcMNpFtD24-LF5fkzc84bpJNxb1xF5Al9rpburBD6sycd1Nrr-aR3VJ9B04Vqyx2iMiPcBykRuklMjF_iD7ZQkV9WXVBdQ8D4wVI9WFeaxWY-MPEcf6E2R6vgqQY1TopwJO7NiU2kSTYmnVuPduSNJ1eDl8KVSUAcrX-us8ne41eP41ohRfBPQvFyxYIkSrwfdQCqw0VID0Bfh1CSkiXvBkmFkT2cIAgnSmyqXoyiabbqMVZeI8lLJ7OWHo2AAxfU4vKcDbevgczk05zX6WGQlxomlL3nqH9Z2PcgwQ8HdbqBwsKzyvVZN3kIdEzlin6vZNE15tGoK18VEiTg86S16jabnDrXXhDPcPpQQiLS64GancNCcnvq-DYJwmBfLeBHEnpPbe5JuO-NWaFRz-iI_n_mgo2HU7NXafSZwtItusAE4bCC4OYD4AQDiAWzlqboO5AGAaAGdoAHtd_HjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM3H_r27sYQDgAoByAsB4AsBgAwBqg0CVVOwE8HaxhbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwQ&sigh=RmSXbQEYlwY&label=part2viewed&ad_mt=36&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D35%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D407444301&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708141643181

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5BBE 0
674 B 189ms
64ms Image
image/gif 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGM6H4zvgjtmLClq52YiCyrVM2gZLMMvTSMFjN32nO-dd8ZHvN9w1f_Z21tF9PDzaPDQ808OPB0doVR_4vKPLRfUxPzxOxPxHMq-l4NGEQSJ2l-A2FuQFqc4nv05wPs1kfgd48YzceUadFSNTmE1f_9rY663xjNqKQqaBOZ9tto9UKszoqWZ_lUZ-fPFVfVmn67kH8EGgjH0RSKa54NZlh-X48ka1OWpDnltV1R5D040Ko3j5BWTpguYdaaR0jw12KwGNtkTxGZo9miWcy8D_P681I5EX8mAW9f90mAjloguuoIYFHztFQAQTMxBI1sKK_7IUAJibbcDBDP0tjxCrL9OWzDGekSDe5IOQpoqUTRGFUQBAVNnXWq6ie3xSuBo2uvpB2HOaCYIMiuAjhsJlQuU-vZzC_JYd0oLYu40OcAgaJXzzzpd6ZBpGVf4V8H4GxW2_GZScdB_nyhFK1cA24DjyRUF305_VqISoTjem8A4UT6rLQintDipBZRvTe2Hb3bC2rZJO2mVcOBqs7swlrmG7So-GSFisNB9BLmzwo8RzpEVM_VMML_g7wzallNO0G-KQ57rOi4Qui1woF2Pg1Fy5zO5xOCNL-0I-bxWf1ALr2EchYXXk3t8PVSEVgdP_56whDXDf9jRO_i6GB7qjtbC6oXuWVIC83CvNPdUoUW-6ckLlsquD4-jVbNT29aMoFFAl9q3a1bMZ6BU0n97u3FqmcoCikoqmP4dOsP47sZxSagL9Fwd_8E9cWiUAw_UkNQUb0pskKHUk7zBqvyipElhIxcK_rI97XQYc97mwAGFMVwd-SjspuRwCjX6fh6vy8ZS_5bX8gfAEutHNFBvS1WWFNPAXzprwXzoiaKg8dskL3IoP9H02Xif71EU_6h3NSd53EucqGdl9VFhZbUT9CY3ynAAsSc8KN1iB3NjlyHoHktBPVSBVRDTSN6gNPHNPuVRaR4qOkqoFBtql7n8PAJ3rPZ3uIKq6AHcpJkW1Dsb_tuETk4Z8_9CVXqllWqChMt1TlpwkZVqq8fsBJxLtMd0vavRLUFxjHM5RD0yky1AR86hCyx4qYzg44qvHG0tBiblsCCtZ02xeSgNgoJRs-dQ04QQp1ldHNNKAKnGVSyxwmQVM6A4vPeRLv0lhmp2MboMrA0hgMxiANNRw8-hqul2CETnrcfTexUz0rE6jpt9CddQmB-QJjbp4Znz7sXj5auCZyPt3ZZXhrGgXB87Gyzu8Mv69UaYr3SA4oIfIi5zjONz_hz3HO0lnxQ8boXjAO07QSxeowk7E-EuxluP6AlJtyDonGefaS-k5UD-1JUvDDMnxK7Sb_YMh7s3NBv5f0kRpbopkSOs9E2cBcS27oyBJVwnWKpH8I1HfMiuAnaCb8BVRK1A72RL8FVEuW-TQ-MY9ROtz_a0SzrkHNavz9K2YAMhomTvuJcDlIQgZG7F_I2EGrr_mVMAPFhyOdAw&sai=AMfl-YQpBxyYhK07J_IIvI2jy9ZEL_nMqFCMyW2Yq5lsffTcaoYyJkYT-xuoULiBsts_QHs1mA3_HzRA9KVliHzL1czSncPCKAesqjeVyeUzumbtHEysJ9iU9htegjiacoHFgO2Nsxq25SWWf0nJ4TfflDuog04d3_Z7rwoPXMkCZzgvnoUSkzlPSDOzBLwSnIdUnw1olaNAUx5jRL4vlYfRom1PYFMzoJstI-xgjcu-4etoVVvQr7ME6D2Kw6UODh6tXqfJL54gVtgLctEgVl7_y2I5krs2p9aNBT0f1EhoVQ&sig=Cg0ArKJSzKnBX42BmutrEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:47:23 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BBE
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqQ1AIQ9MLxjgMYpvT63wEgATAB&v=APEucNU0JCJgJPPhU6_Tg4ie6h4hrbVN9P5Lk4fbSjDBKOuFibDU8bwWDeHh8Jn6JCZFvDa3PGhsTK9SXG9LIoMChk-1Zy4U0BlGms8T-slBZ8X8zzbrllk
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZlZDc0NWMtMTdhMy0yMDEyLWNiNGUtNzgxNWM0MzhjNmI4

170 B
188 B

47ms
47ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZlZDc0NWMtMTdhMy0yMDEyLWNiNGUtNzgxNWM0MzhjNmI4

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWZlZDc0NWMtMTdhMy0yMDEyLWNiNGUtNzgxNWM0MzhjNmI4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BBE 0
20 B 96ms
94ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5BBE 42 B
64 B 71ms
69ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9OEeF2aGyyLuk_jeoHOcYhE35BhemILuP_Gw5x-Fk_6OrBB_rjQGpOxOCUy1wJzMskmKuNYtieEkD7RFSKuPjqfz10H2IzvzcmhGDNjczsAB6mqMSd1IOF2GkOUSYkBYzjcKIxfi8QbG1TzHeN9y5U48K3RE7zE0&sai=AMfl-YRI8d4Mzb6L8SfWDRKvg3GRiVXDOVvNWAGYH3f2pFZA1ooyRY7tx5nSZFq6R58foCkU5oU39tQ4bB90Xazhb1S8jre9dVf1jpjTAO4NBnZBy5a931fuHk7Q9YS1TPg2QWSrw4oGLTb81vdJsr-EXA&sig=Cg0ArKJSzFlhvB22SC8eEAE&cid=CAQSTwAvHhf_TYekNFuW46iQZSyIFB5XHZYw69KatrjajbbOUtFX5hG_oLmAMuzf7zW-6N6VJyja9jd_oMlLEhv_TuU3JptFziNTm5454OqiQ_AYAQ&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D35%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D407444300&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708141643181&avm=1

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5BBE 42 B
64 B 69ms
66ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CA1wdSSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoEzAJP0D0RiSvScAXh11iQcMNpFtD24-LF5fkzc84bpJNxb1xF5Al9rpburBD6sycd1Nrr-aR3VJ9B04Vqyx2iMiPcBykRuklMjF_iD7ZQkV9WXVBdQ8D4wVI9WFeaxWY-MPEcf6E2R6vgqQY1TopwJO7NiU2kSTYmnVuPduSNJ1eDl8KVSUAcrX-us8ne41eP41ohRfBPQvFyxYIkSrwfdQCqw0VID0Bfh1CSkiXvBkmFkT2cIAgnSmyqXoyiabbqMVZeI8lLJ7OWHo2AAxfU4vKcDbevgczk05zX6WGQlxomlL3nqH9Z2PcgwQ8HdbqBwsKzyvVZN3kIdEzlin6vZNE15tGoK18VEiTg86S16jabnDrXXhDPcPpQQiLS64GancNCcnvq-DYJwmBfLeBHEnpPbe5JuO-NWaFRz-iI_n_mgo2HU7NXafSZwtItusAE4bCC4OYD4AQDiAWzlqboO5AGAaAGdoAHtd_HjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM3H_r27sYQDgAoByAsB4AsBgAwBqg0CVVOwE8HaxhbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwQ&sigh=RmSXbQEYlwY&label=vast_creativeview&ad_mt=36&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D35%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D407444303&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708141643181

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5BBE 0
17 B 228ms
226ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lspjfj53&c=2954078048595&slotId=1477039024297.5&qqid=COOE_727sYQDFTvq4wcdO8QOGg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1981&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vil.1l0~ff.1lg~videopreviewstarted.1li
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C279 17 KB
6 KB 66ms
57ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 03:47:23 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C4F 39 KB
15 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C86 0
20 B 96ms
93ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BI8_5SizQZdXPCNPIoPMPlKWzgAoAAAAAOAHgBAI&bg=!cXKlcj3NAAZN4L4YbeA7ADQBe5WfODUxJdO8dI6hr2YImYTUf_fPtHsJuUVKTYwOya5JIznBUSx2nNKxFGPFPFbYx05bAgAAAhVSAAAAAmgBB5kC9wyTj_1MW3YLgHI0utKoBrSGotO51-bxsuXou3OEyEDzA6fSyOMMQkvkYxTzbo-KSszhHA4DC8guFvZyUlr3H_zsQlBS-6zr1sVQMefUhheR46ksEEApYHHqqQghvxv8oErdQfSNTHlSL7sF08cid6HUcqlUflthNDIOBTldOQ63k_bH2OH92u6DZ8QPxoiiFh2vv7yttS2QhsJtRL998DopVANq3_aO3DgmN-fNl4PYAQXAvVi84pZmuUdQvBkqI_LPW9y_37KnyVzbzfkiGcngd9-uEi4Mfod19QKZAHhYPoNftPQKfiQCC5u5YpYsLsrDugoG-cckoX0MEEplvGXyZNkb5x7kkAFhbnv3jUAdSFr-3BMpNS78SJVNDlDqYIuB4wp6e2MB-SLlxFlj-EgdULBM87MyuutDzqYSKSgglG9ysboHkTwTAOr4fbj7gLuump5zIO2qTtmVD_jbKCKLAl5CyCEy6T_-9hCXKfZJeEm0ey3KW58uodsfSeXvUaOq54R03cpZF8n4VafURF7SsA9NJgcWrZVptjNZOBgfWxuYfRzl2oG_c-0z6R3dFNXZ4XhQv_fyFRL48UIXoNbOj3HvShLgc7geltNNdz-40tX8X_PI-2cb8UKSihrQnKBfC2dAzZvnXuzaM7DGUElzYWZcWmtIhj6UYwXQcNlQvuwYB-Pd7ncjPAyR6fqEHs3wXDYbUGo8lqbSWcPsngg1qDNrlstUJDCO3dGd7KIJP9q9L1pksUQAVTWu714LaB8E3owTYuhRhRwz2VwbZvVJbSK0yj2m0NH0tXYCpjUONOI1LjnEAtOvWB9oGWk6emKQrrPbUGWnFSQGmJd4fiyaLdxnNOXtRZvMiHSlgSt7nnaC4R7eMUpGCVzNDG2cambiUT7JtZPJEq7TUaya1rh27t80PjJNlojj_VTZJVR_5tXHVr61y81H5AJmLAV3odjcUL-aEyyDzO30YxvQmXp9DzlqOG1AGkMa97Ed4gMucsV1f8BeRw

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame 6BC5 0
105 B 105ms
104ms Image
text/plain 54.229.120.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?54414425061&n_o_aut_tc=275800897
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.120.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-120-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Feb 2024 03:47:23 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 flashads Show response
fundingchoicesmessages.google.com/f/AGSKWxVGGsbr_rmQtKQvG2xpLY9BjBcgaW0oPbBdrLX6Q59tk69fJe2yPbw4wOwFrPs1E4OnXR9_TnC-hmXx1joxZWbMJfu3XxN3ceZ-qBip38QZhm0p20zdTa-mpRgTfEfZQKKWZ5kmGSRcWGiF7z_DgitDhoeFV... 54 B
110 B 51ms
51ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVGGsbr_rmQtKQvG2xpLY9BjBcgaW0oPbBdrLX6Q59tk69fJe2yPbw4wOwFrPs1E4OnXR9_TnC-hmXx1joxZWbMJfu3XxN3ceZ-qBip38QZhm0p20zdTa-mpRgTfEfZQKKWZ5kmGSRcWGiF7z_DgitDhoeFV2SVN-M45zMwzVgoQ_b4KrU5NdVGueL7/_/sponsoredheadline./doubleclicktag./ad/small-/adinclude..net/flashads

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fdbfcc720e6cd616ce3dc4c1f005760b77b3bb72daf59ebe78197dfd4aa26a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UxH54OyXmykmXTmutDKoMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-UxH54OyXmykmXTmutDKoMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KMhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQbzkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYgIP6cOYP1NxD71M9gjQFiIR6O0zcOrGMTOPFsRzMTAF2nTNk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 02:51:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3363
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30993
x-xss-protection: 0
server: cafe
etag: 5655574714832874877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 03:51:20 GMT

POST
H3 204 AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 103ms
51ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_oEPBfDu7Wf2pzgWc7lMpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_oEPBfDu7Wf2pzgWc7lMpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAix8z5jIBAAO2GQI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3285 0
20 B 93ms
92ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzMW2SSzQZaD4Dp28998PuqWr-AsAAAAAOAHgBAI&bg=!rq2lreLNAAZN4L4YbeA7ADQBe5WfOEEA_6LErHvuRmQ80sNmMhZXngWnA0smr7DqfsrLcYqrLGKHZ6HhIWDmvS-rUPBvAgAAAgdSAAAABGgBB5kDOEtrnHXVLId85nOiqCfS-Ju8wo2DBeCb0TraDc1v0tyxOy3NX1mCZyZI7kzvlowB_Aa9bkiLWyVXNTTJiOLOxbMLE1svSOGkfqRej3pyVoEro65XkGT7n2b4Tnlf6_pa0K1bSbXVRUel3-GRo2pqTsgAl7nw3sN7_QnguQkFqQpf9y-loeQo0mbUGl1FDsTD6GOf12J23Wndzo3UTQhSEBMz2HgfTd3Fytf_HOCwY0lIJeHpls2BZarcWAp_fuIUO2nJ58skz8r2i5nJAJ3DzO8mpfSj3Ll2MDq9mk_RA_59070hv3jvy-o7Wz7HhfuTwYVVCtKFvNiNF2lEJEqiQJ_cHXqxD3AZ3IyLvPlPboZS4Z7nt-hHaJsjt-YLGapNH-qVnb4e7rmIdNJV3CM5lSdfjEqjH_Xr-QUJrrTAlOHyFZp9LbNnPlHXYgSSb-hejbdgBGZzLy95kGGJRjDtAGXgD8TcSO4U8gYyYgXvheB9VZbLnFcKzPzHK43mPCL8-PFA4L4W9br-VBx1cU36jLqm7U38o3aKtdMHFJj7EkJE0UahNYpDGlgUAYd2S-kl9bVUmcwSEZ_bfTlKyDhbBqnP_7jxHzlqS-mAjm7PPP3TBozi5T4LU-e94zpwntWA03v-oRVs4MFuggoxDRT1WyN9nj5DjUS40YO_YYXVZAgd77kgNjTg5h3_yRvx-du3vXNVnxbY73m62Dleq3Um07L0uismHJoWx4Lokf56DvFJQjS_8Wpt8qUBxKT24LMgJ5AaZoWzhNb3ms8yEjgUMQXDR1E879NLeOHtmduwpW_oFB-5CTG3XQ9YvGTZ5X9pfZ2_vVBQXZG3G4an-JRHX0_DbeZi0ho0OwOzZHmlKnr_5g8KodSGR7rr_AN9kvTyDU8JjiGePh2hSsOIxX4-TMkLSs6UjfA_FZlPsT2bLgA1W7aSCuv8N1KcmJGmoCapYbV_c1lyNuum6jkWazK8tzMAbrnoj2xv97lwe2J9_5RQkMEPXij5AjiWNVln28z2J5CEIyFZgU-svxZqiC3yRD2vORjrrHsGRI1IxeSWtoh3YOBsm0Ywa7OpKy2Cg-sNoeJz-oeTxv8q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BBF 0
20 B 97ms
96ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWyTmSizQZajBH_2CoPMP87i5mAYAAAAAOAHgBAI&bg=!5eal5qnNAAZN4L4YbeA7ADQBe5WfOIeylvpez0EhkHdXGFn1wofhmA8mb70Uhe2F7R7ehcQS419lKhRsoufXwWLpKW-JAgAAAc1SAAAABGgBBwoAKGLnTrggLK7uq5nYt3KMuW5IVsxvrqWGBG6K93uvkn4jxP2t8grqXueZAxxdKRoNqcTHlRIWusyncWHJh-X8h6_bUZPTsDGF8itVsYsK1qzNbkUQ7SX6o_X5wjiUUjDyBUV50ufzhUnecmT8KW1_0_SEEfBL2R1o7f8CcPA-iN2Ki7HSKsqfLO1b0xueyl_b1GAURV7RtMDrN-T478qTqBFrr-xRt0Qz6tmebuS-wMzRrKYp9qDCnJgvEDuZ18Zxkw9QE_bygD6RXFROo4pLfe_4wgV5V4RfJtNJAd2ZeOHJoB5QkbhIMfArIHXNEaftCt0m7jbgnUWhSxMdklHRv3v0JzTkBOKzyvp0hC7yv1VL6rn-BgiQuenfRNoWo6Xznhoqcd-1fZc3oIaPf3-YpxUJYZG-utEYKOeIrxR65rqNPWHMzj6-WwilutFeBkNJTYhsVmS7ZSoc-_tMv6u7hTI3fuPku1L7w1AcrCLAagGsiNbmWx_6PsNa3AwuqrJUwEhkRuCCMzoSsgA-ZkUXePx07N53EtktiyDA-KUZ17oenrP7XlwXzTKSDxLyoIhK26yROu_O_AaKKU6ueV2ws_bLLoymardfQDtaW7mAHJbAfffnBU11dsHPNHe0VR2KKZ-YHQ2_peKd6qu8dMX4Ys2a0QRsBBM6pJm3SIDjpppzHGGhLfhDvKxBl-zJmbFS7IWY28pqbpNKjc1YAPYDVszM6ZiYJyH_NHGPQCR925BFwUNy7MU844foGoV2Zvj2K7pSrHP-kc_kj7Wq85TeehQAQjauk_HB6x3Cxi1a8i-ZLLRIEku2rYCaz_RNc32y3w4vhZyPyAMnIUiiq-gOfavGhTX8Jte4tZVHo9AEO1_DY8DSAeFkYL9zu8UI2s2BpvKwonvjNfnsaO5Z3gArcl80_bWCfzF8NPWHKeF1TPqbAibLlnhML6pmtMbQJX47TIbuixCwjfjJPw62tQfDr5iWk9fFa_YG_-HBFBfGhfa_NLRBLdFoO5PySalgVq9dhTgm15dbKrwdCnMKjUHSeLbbvhoUlCCvcJcnhgx8z5P--g0AM8NSeTLgCfgWI-eb4344Rb3xZ35_NkC05LAfeDMBU4Wy29fv

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sol_logo.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/sol_logo.svg

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 07:34:01 GMT
date: Thu, 15 Feb 2024 07:34:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1118
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 texto_logo80.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 6 KB
2 KB 32ms
31ms Image
image/svg+xml 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/texto_logo80.svg

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:37:29 GMT
date: Thu, 15 Feb 2024 16:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126594
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2164
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 palmera.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 941 KB
941 KB 35ms
33ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/palmera.png

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 13:22:42 GMT
date: Thu, 15 Feb 2024 13:22:42 GMT
x-content-type-options: nosniff
age: 138281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 963679
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 palmera3_1.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame C279 490 KB
491 KB 38ms
37ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11938805746972946677/palmera3_1.png

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 15:53:29 GMT
date: Thu, 15 Feb 2024 15:53:29 GMT
x-content-type-options: nosniff
age: 129234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 502226
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:49:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 alwaysOn.jpg_1688031171872_alwaysOn.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame C279 170 KB
170 KB 33ms
32ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/alwaysOn.jpg_1688031171872_alwaysOn.jpg

Requested by

Host: petalpaloozaparty.freshnews95.com
URL: https://petalpaloozaparty.freshnews95.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47ca510e702a8bb97e5fdf139d5fc1b038e1613bba446a49905dbd653e8f028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=RkoFxhR5zr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:13:27 GMT
x-content-type-options: nosniff
age: 106436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173580
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 09:32:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 22:13:27 GMT

POST
H3 204 AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 113ms
113ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cqGvMJvr3wBmA6tcBhl2Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-cqGvMJvr3wBmA6tcBhl2Sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAhc1dx5gABL4Yyg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 144ms
143ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UY-YHms1SY8cLM8JUt1ueg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-UY-YHms1SY8cLM8JUt1ueg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAhenTLjMBAAWEGMs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 138ms
137ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6IT8GnQycgji0uWukzPBnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6IT8GnQycgji0uWukzPBnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAhptnLjEBAAXSGR8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUCpC4kkWCILWbd6dU9lcPThDPXAxINo6gTCC0E0m8cWbm8DcyQdwpgeB6-v_jdGrHLg4iJeFJ97VGcsYsi4dS50K3Nip0_6D0l9vpcb3lL0Ybkpkw-rXnnutCWqL3Fia1zNdoyvw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
70ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUCpC4kkWCILWbd6dU9lcPThDPXAxINo6gTCC0E0m8cWbm8DcyQdwpgeB6-v_jdGrHLg4iJeFJ97VGcsYsi4dS50K3Nip0_6D0l9vpcb3lL0Ybkpkw-rXnnutCWqL3Fia1zNdoyvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MTQxNjQzLDU5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wZXRhbHBhbG9vemFwYXJ0eS5mcmVzaG5ld3M5NS5jb20vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bde3768d766f149fda9554d4d77eed5ce8f501510f67b75052fdeb2d69d5afa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6TvAp1Ccs6sBEyJ-9d8Ysg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-6TvAp1Ccs6sBEyJ-9d8Ysg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBBvOTOddQ8QxzyfzpoCxItZZ7CuBuIpgTNY5wCxU_oM1iAg_pw5g_U3EPvUz2CNAWIhHo7TNw6sYxO4sbh7AxMA_OhHjQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXkOeCYRPvTgP86vJSuzRUdWWsjJ9wvmtiWzd44sDNLeox8Czdqdz4DHH7mmCf_WQB1G3hEERRkBxbkHWmc9VRSTJFFTmtlCtKcvZTs3_6T5lAXkvBaHIiYbA3Bnk2zTtnYL_3uWQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
51ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXkOeCYRPvTgP86vJSuzRUdWWsjJ9wvmtiWzd44sDNLeox8Czdqdz4DHH7mmCf_WQB1G3hEERRkBxbkHWmc9VRSTJFFTmtlCtKcvZTs3_6T5lAXkvBaHIiYbA3Bnk2zTtnYL_3uWQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KXOyieLqKWjJhwMMJ-tBcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-KXOyieLqKWjJhwMMJ-tBcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAhc3XrzEBAAa9GSs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 133ms
131ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWVH9rWRRLLXqXndh5ip507QE34CgQiSVey4HyYRDbFaLdPb5JuuheJXRfqb-lpF9Paz1SOgaD-CqRUG7qzuAnhxZEG_cirgZgDEcmhX7KU5IRmyv8N-JB8G1zIWg44g1aGr7R3iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I9A73buSP5CrDCJwTE00Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-I9A73buSP5CrDCJwTE00Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrEBAL8XCcvnFgHZvAhucf_jABAAdGGX0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://petalpaloozaparty.freshnews95.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
64ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e57f5b9741b6782981adef5d13985a7d73b788ce5a92eed71a8b5c2c13d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12354
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402120101/show_ads_impl_fy2021.js?bust=31081135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 03:47:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EEF 13 KB
5 KB 32ms
24ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 114007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:07:16 GMT
expires: Fri, 14 Feb 2025 20:07:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E92 829 B
1 KB 112ms
45ms Document
text/html 2607:f8b0:4006:81d::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

42178f410ece62f8c632840ecf10365c0bb43dc664e84b0d4e7c8c091cc58023

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F27U7BjEN8xprJ6veWS87w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://petalpaloozaparty.freshnews95.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-F27U7BjEN8xprJ6veWS87w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 03:47:23 GMT
expires: Sat, 17 Feb 2024 03:47:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EEF 39 KB
15 KB 27ms
24ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BC5 42 B
64 B 61ms
61ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbszUVdpYJRZvzSoSAgrpOjsLwqVLlGRlBLO35ggTpWgIJfQmZUnPUqSYXdtw4ab8DhOt0ne4f8WRopKgz66tH1oyEVsnZPpTBHrZpQhpvXNLv9uuPhPYnVPVaSE3GBmoEf3tTv6VBd4TQzgTbAE5jYqixTAbO7Ic&sai=AMfl-YTFtQ3Sqy9pLEV3z8uOBW19qrFTGfNjxK2vhdldQ-908S7hS5UaCp3CCwdpcQx4plAvOpkQcGK8K1vr-LWCqohCcGQVqWKn7sVAse_UmhZ1oCpzSulCUAHyOEh-wgrG61ZfoRiCAInVfd9aWy6F&sig=Cg0ArKJSzLw1uS0RLYgMEAE&cid=CAQSTgAvHhf_MNSwj2SeuttdizTBsHQCXKY4GpgOJl-2E4_HJM2TL5FJeLxP1ltfjB-64I7ghQZgSjLsgld3SgmwKm8OcpB5X9gXrQQfy-9HbxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=789,1000,1000,1000,1000&tos=789,211,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=407444200&rst=1708141642285&rpt=593&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E92 0
0 65ms
63ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=3776762684313364&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5EEF 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?o8L22Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 03:47:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame C913 0
17 B 238ms
238ms Ping
image/gif 2404:6800:4005:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lspjfiqu&c=2859449502754&slotId=1429724751377&qqid=CN3Agr67sYQDFR3e_QUdutIKvw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1981&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.17v~atrd.180~vil.1m5&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4005:815::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
59ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=3776762684313364&bg=!tbaltvnNAAZN4L4YbeA7ADQBe5WfOMo_ETfpTKcmTra3EqXUchhvHfMjkOJzTddV1gpKVb9QpHMyWq4wOMshG-f39nbDAgAAAJJSAAAABGgBB5kC0H1h_cGlUdoobGTZhXTIsQQ7KQeAytfO1uOqpYCmPm1mBux2Qw8UKqeIMDtXi1FlXiVt45vMLAay8Dnf_yF6Wbv70_FurLfw2Z--N2BHKo2znXLnoFpV7TB0-rrf1rFzqTtsq07RLnzO0jQyG6Oh_h_e7GqBtTn9pR-ywahF_g39YWE-_AVNHeDNz7jESdANBD8If76cCGeyIxREwk0qyoRPMKlUuryGHdmxiQzW33bhAnBs0ucdwp-aUbusYs35FK5QJQekCzyZphDP1zRqbyxESzzsSE1kDJuSL4OBMMwBcsQ6w1gUi6tB09OH8iRMFJG-arSO-IMlEYkCquBKo2tBj6wpDZlTlXxb-eufyZJcNAswnj1SkbM1O69fgYvY6TsQm_IXdNEfdPvIyY0kz0cC0sogjutbdHPGJ7zVEX_lrAqoGN4-h7jf7Q3YePn0zJ8zL_qRT3gaMSg3gppU2hHJMo9YpjEnM2L3GNGQ4eNz7C7P7tzBz06azeGk_pegHkWpULsmZm_yx7pHQWAMeotkKqac9DhvHXA-8k6D_zDpt-FF3W8nOtA_qLcnkR0K3QnweQCRcq6t8eYMiCam591GXjp-HY91fWWeLS3-SdKIeY_FCjF2npnkPZVtHUi_lxwu87stwU8M13tAtRPYHR9wzhvWEEVL-mCTUZOGCn9bCZom03NLP8xqDtB6i84vJH8I2jP9ACFUl8V-k0T4LP2YZNMzQzI6F-Na37_JV_Oz2TDOLnZryQyhvFg-xNeeBYZzDrpOgVOokaIyZ_YaIZU8f-II-ezXqsZizMvrJifIurzxaKIlVm1BGcblGUoJ7sG2MbLp25u4qMTH78KMYPw5ReSWc6iZHZVXWY-PPGG4SrNbXJHl5g28Dy_zRDypA4u-Ff474Q2AiDRfxybaZQKASDX1IX_AbruWxsxPYNbFJ1r3c6_wxfpsDfHqAgs34A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://petalpaloozaparty.freshnews95.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H2 200 admin-ajax.php Show response
petalpaloozaparty.freshnews95.com/wp-admin/ 0
250 B 226ms
225ms XHR
text/html 216.128.146.70
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://petalpaloozaparty.freshnews95.com/wp-admin/admin-ajax.php

Requested by

Host: freshnews95.com
URL: https://freshnews95.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.128.146.70 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

216.128.146.70.vultrusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://petalpaloozaparty.freshnews95.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 17 Feb 2024 03:47:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5BBE 42 B
64 B 59ms
58ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9OEeF2aGyyLuk_jeoHOcYhE35BhemILuP_Gw5x-Fk_6OrBB_rjQGpOxOCUy1wJzMskmKuNYtieEkD7RFSKuPjqfz10H2IzvzcmhGDNjczsAB6mqMSd1IOF2GkOUSYkBYzjcKIxfi8QbG1TzHeN9y5U48K3RE7zE0&sai=AMfl-YRI8d4Mzb6L8SfWDRKvg3GRiVXDOVvNWAGYH3f2pFZA1ooyRY7tx5nSZFq6R58foCkU5oU39tQ4bB90Xazhb1S8jre9dVf1jpjTAO4NBnZBy5a931fuHk7Q9YS1TPg2QWSrw4oGLTb81vdJsr-EXA&sig=Cg0ArKJSzFlhvB22SC8eEAE&cid=CAQSTwAvHhf_TYekNFuW46iQZSyIFB5XHZYw69KatrjajbbOUtFX5hG_oLmAMuzf7zW-6N6VJyja9jd_oMlLEhv_TuU3JptFziNTm5454OqiQ_AYAQ&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,36,399,744%26tos%3D2018,0,0,0,0%26mtos%3D2018,2018,2018,2018,2018%26amtos%3D0,0,0,0,0%26mcvt%3D2018%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2238%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D220%26dur%3D15018%26vmtime%3D2280%26dtos%3D2018%26dtoss%3D1%26dvs%3D2018%26dfvs%3D2018%26dvpt%3D2238%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2018,0%26co%3D407444304&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.14%26t%3D1708141643181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI1Zy5vruxhAMVUyRoCB2U0gygEAAYACCOjORYQhMI44T_vbuxhAMVO-rjBx07xA4a;dc_eps=AHas8cCY7T2Ptb8C1GdGBr_IiZRySF8uWD5ScKycm9kJVWF7CymUSt1gRJwD6iJX2GdXSg2eHXonYdoCmUluQUIa;met=1;acvw=sv%3D961%26v%3D...
ade.googlesyndication.com/ddm/activity/ Frame 5BBE 42 B
107 B 95ms
93ms Image
image/gif 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1Zy5vruxhAMVUyRoCB2U0gygEAAYACCOjORYQhMI44T_vbuxhAMVO-rjBx07xA4a;dc_eps=AHas8cCY7T2Ptb8C1GdGBr_IiZRySF8uWD5ScKycm9kJVWF7CymUSt1gRJwD6iJX2GdXSg2eHXonYdoCmUluQUIa;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,36,399,744%26tos%3D3643,0,0,0,0%26mtos%3D3643,3643,3643,3643,3643%26amtos%3D0,0,0,0,0%26mcvt%3D3643%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3863%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D10%26pst%3D220%26dur%3D15018%26vmtime%3D3908%26dtos%3D1625%26dtoss%3D2%26dvs%3D1625%26dfvs%3D1625%26dvpt%3D1625%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3643,3643,3643,3643,3643%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3643,0%26co%3D407444305;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.14%26t%3D1708141643181;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 5BBE 42 B
64 B 63ms
62ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CA1wdSSzQZaO8C7vUj-8Pu4i70AGgoOv6c7KF7oe6ELW67oPQLhABILjxlzBgye6Oi8CkjBCgAbWn96woyAEFqAMByAObBKoEzAJP0D0RiSvScAXh11iQcMNpFtD24-LF5fkzc84bpJNxb1xF5Al9rpburBD6sycd1Nrr-aR3VJ9B04Vqyx2iMiPcBykRuklMjF_iD7ZQkV9WXVBdQ8D4wVI9WFeaxWY-MPEcf6E2R6vgqQY1TopwJO7NiU2kSTYmnVuPduSNJ1eDl8KVSUAcrX-us8ne41eP41ohRfBPQvFyxYIkSrwfdQCqw0VID0Bfh1CSkiXvBkmFkT2cIAgnSmyqXoyiabbqMVZeI8lLJ7OWHo2AAxfU4vKcDbevgczk05zX6WGQlxomlL3nqH9Z2PcgwQ8HdbqBwsKzyvVZN3kIdEzlin6vZNE15tGoK18VEiTg86S16jabnDrXXhDPcPpQQiLS64GancNCcnvq-DYJwmBfLeBHEnpPbe5JuO-NWaFRz-iI_n_mgo2HU7NXafSZwtItusAE4bCC4OYD4AQDiAWzlqboO5AGAaAGdoAHtd_HjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WM3H_r27sYQDgAoByAsB4AsBgAwBqg0CVVOwE8HaxhbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwQ&sigh=RmSXbQEYlwY&label=videoplaytime25&ad_mt=3909&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,36,399,744%26tos%3D3643,0,0,0,0%26mtos%3D3643,3643,3643,3643,3643%26amtos%3D0,0,0,0,0%26mcvt%3D3643%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3863%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D10%26pst%3D220%26dur%3D15018%26vmtime%3D3908%26dtos%3D1625%26dtoss%3D2%26dvs%3D1625%26dfvs%3D1625%26dvpt%3D1625%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3643,3643,3643,3643,3643%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D844280401%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3643,0%26co%3D407444305&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.14%26t%3D1708141643181

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2666445661948602&output=html&h=400&slotname=9827834034&adk=1677435917&adf=3777207981&pi=t.ma~as.9827834034&w=780&lmt=1708141641&format=780x400&url=https%3A%2F%2Fpetalpaloozaparty.freshnews95.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708141640772&bpp=2&bdt=571&idt=322&shv=r20240215&mjsv=m202402120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6275307567005&frm=20&pv=1&ga_vid=1345998507.1708141641&ga_sid=1708141641&ga_hid=1551076646&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=410&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081140%2C31081187%2C31081188%2C44795922%2C95324581%2C95325068%2C31081135%2C95324154%2C95324160%2C95325079&oid=2&pvsid=3776762684313364&tmod=1626864351&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=355
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Feb 2024 03:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: freshnews95.com
URL: https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2

Domain: freshnews95.com
URL: https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freshnews95.com/	1970-01-21 04:05:01	Name: _ga_M4WLKSXSYQ Value: GS1.1.1708141640.1.0.1708141640.0.0.0
.freshnews95.com/	1970-01-21 04:05:01	Name: _ga Value: GA1.2.1345998507.1708141641
.freshnews95.com/	1970-01-20 18:30:28	Name: _gid Value: GA1.2.325290662.1708141641
.freshnews95.com/	1970-01-20 18:29:01	Name: _gat_gtag_UA_293457716_1 Value: 1
.freshnews95.com/	1970-01-21 03:50:37	Name: __gads Value: ID=f38c8fde9baf30ff:T=1708141641:RT=1708141641:S=ALNI_Ma2a1XxsnLYqMMMMPHJcN9S7C_b8A
.freshnews95.com/	1970-01-21 03:50:37	Name: __gpi Value: UID=00000dcaa4465cf9:T=1708141641:RT=1708141641:S=ALNI_MYxunj1hkU77QakAggYa_6b14GEag
.freshnews95.com/	1970-01-20 22:48:13	Name: __eoi Value: ID=c571f60e97bbeb51:T=1708141641:RT=1708141641:S=AA-AfjaFg7gGuhcTNqayN9qOmFaA
.doubleclick.net/	1970-01-21 04:05:01	Name: IDE Value: AHWqTUlGzJrL3aFXYsw3R5PtOTXtwrQ2Do6xtX_FCHWBymvyMZBbCIuQ4JrOzs4-44U
.doubleclick.net/	1970-01-20 22:48:13	Name: APC Value: AfxxVi6RN-su9QyKlgreG-UaUFS8cGdMTwV4aBnhjSWyH8LwwteB6Q
.doubleclick.net/	1970-01-20 22:48:13	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:14:37	Name: CMID Value: ZdAsStHM6kgAAAONAAOrlQAA
.casalemedia.com/	1970-01-20 20:38:37	Name: CMPS Value: 3710
.casalemedia.com/	1970-01-20 20:38:37	Name: CMPRO Value: 3710
.adnxs.com/	1970-01-21 04:05:01	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:38:37	Name: XANDR_PANID Value: va5INEVVc6IC9wcC1RoTUN676_aDp3EWKuTl1ttDHzQEyJ_kl6eFMFGhb7YYqIBtV13sHvbnmGRcVCbX5xdIRDWDyYI2N-An0dyaixAXBb8.
.adnxs.com/	1970-01-20 20:38:37	Name: uuid2 Value: 481031745047059808
.adnxs.com/	1970-01-20 20:38:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$KE+ln=!@wnfH8K6pQK`!5=E<L5?%LldXyC]k_gZwk?PMbifBNX.yzWMBR##o#:.WgbpRzqF1`b^Bh)t?so
.openx.net/	1970-01-21 03:14:37	Name: i Value: 602e98cf-7753-4141-8478-ea446afd3b25\|1708141643
.neural40.cdnwebcloud.com/	1970-01-21 03:14:37	Name: n_one Value: 41f410b8-cd47-11ee-8769-0242ac110002
.freshnews95.com/	1970-01-21 03:14:37	Name: FCNEC Value: %5B%5B%22AKsRol-XvSRZbWznNOpcdnsgN61NNzTY72-FX-2o9OdJfyWF0nhLyejfL106dKLvU0AQSdvl58haMJABGe7c0Xt52ep0eqgf9yAG6oNf_4Rz0zvLUot6x3fH_uZZEkEn6QNMXn4ZA66Y4YL0-tK9Ltqwxh2BI6UrnA%3D%3D%22%5D%5D

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://petalpaloozaparty.freshnews95.com/ Message: Access to font at 'https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2' from origin 'https://petalpaloozaparty.freshnews95.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://petalpaloozaparty.freshnews95.com/ Message: Access to font at 'https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf' from origin 'https://petalpaloozaparty.freshnews95.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://freshnews95.com/wp-content/themes/blogita/assets/webfonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://petalpaloozaparty.freshnews95.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
bucket.cdnwebcloud.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
freshnews95.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
petalpaloozaparty.freshnews95.com
r4---sn-ab5l6nr6.c.2mdn.net
s0.2mdn.net
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
freshnews95.com
142.250.31.155
142.250.65.230
142.250.72.98
142.251.32.98
142.251.35.162
172.64.151.101
216.128.146.70
2404:6800:4005:815::2003
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::200a
2607:f8b0:4006:824::200a
2607:f8b0:4006:8::9
35.244.159.8
54.229.120.192
54.230.163.129
68.67.160.75
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
02f554d4905a6125975237d1735f2d0f4b6382ab6b5a6b4806767ede85b4fee4
050607ff2603db539a410aa7a49e5b7a8f392ff6cc75a2a9114902b9c800605e
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
09d0a61ccd24c3a5058e77fd468afcf734551bac448c6d1b630622752c2c1cc7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
14b505ce76de15a43f18054e2fcf5a60c583e55642a99748d3ae11f848eb9754
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
1caebeb4fa2f6d63aa8510cb09fd59905b7af50af53c3e5fca43fde5c658ce0a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20185357ab88094444afb8b9bcd2f4bd8eeaeb58cbe0f27c6a823994c02f4085
20deaff9c96077fcdd7958eedd90d1d441d51498e382cd545dedb6eaa95b6f69
218dc188fda20f7029cc78147e42c6f704107f4304120da7ccd65b7976f8f634
2234f3df716f86e56e227f80011d40c0ed650b200e58d96e9c9f1ef7f7f648d4
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2af8bdbd0674a1e2bd9c942377ff4ad076b65b54077c7fd2502c5ac5466195ad
3047048f4ac82b9cda4d283a1716988c9688b56d583bdb70771da218bc999ce1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35f72b332b9fba5918a2665dfaad3a8d869314a40a7194304ab51a3261a2e396
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
3bde3768d766f149fda9554d4d77eed5ce8f501510f67b75052fdeb2d69d5afa
3e422fcef2236aa4972f19c16df99b49541c27e02ef5ae14682661830f8fdb43
42178f410ece62f8c632840ecf10365c0bb43dc664e84b0d4e7c8c091cc58023
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722
496768a8b02935618d786e3cf504d3ea2576e619778a7df1666558f87662106c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4f051a44882876c8ef860be2886a1411e42d9d4ac6e403e7512341ce9bd458ce
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5940ec26d22528868f968cb2cb4e7329c4d7310fee8593df8dcc1e6e50855ee1
5e81483ecba6272a12d4953e06e81118baeb778e4917ec498142d9a182ede289
5ff9025f16b428475d5a57e133ec69cfdfa2f26f5edc6ac744cb3d2aa8622d18
60f7edde0e0174b1e3d5c4c1332b1b9f25c173c3bbe1fee8a07dc8e5b5d7b29f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
653330e6bd446a36211dd80dcd6a43e89df9ffc780de1046a0485fe8c7125890
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fdbfcc720e6cd616ce3dc4c1f005760b77b3bb72daf59ebe78197dfd4aa26a9
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
8aec333ba15f0f3b69d0cc2e24942530d78333fc754a7baaba8a351ddeb7bec8
8ee0654259fda0bbfeab4305b895e740659613080d90352bd36c1452fd426ef6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
996c9ba6058ee6c923859bc020e88987e79ccfd3024e4e4f0897dbc8705e9a6c
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a47ca510e702a8bb97e5fdf139d5fc1b038e1613bba446a49905dbd653e8f028
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ab2b36d61831bd8857f20d945e722f07008657255d0de87551618a79e54b9c4f
ad840ab2de3c3dd88174356ea4e811fee92f2b5f272ac98a4521bd53a34b003d
aed7a62ec82bcae3e3c4ba404127d3845027b11a7c64a29fa78447c9a48f1e53
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b59e57f5b9741b6782981adef5d13985a7d73b788ce5a92eed71a8b5c2c13d95
bb0ac9b634f5bc703946a5622284e26da37237e4122b5db2976d18d5774c907a
bb21aee637d85203df41526f2820a1268b4f9c49dffc162bb5c765d6955a7403
bea13f17d2f9fc3fcc6a3e6ef9d822839b7a97e22d42eaec0ccc63ca7fbbd00d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd064b12bf474f592e665401e05432a6407e5980a3a24175476da425933ffb64
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0557b6a9b249ae7cf18386c9b9f0ab9ff7515800134e686e094807f18987133
d1eff77ea5f031ba4a37d5328646643dad867691c993b0b3345c62899392fa2f
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d5b4eb2cbb493462f13b742a20822298a9389fe54e3be5c0804214dcdbb7db02
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34ce8bfe8c094317424083d89087c0f2a3aff70a92207c637c3034218bbfc1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e705579075b1a6776d2d97e61df34e75dd991058231d2405ec77088213719d4f
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
eaf2ccc92a9f802623e6eb69af21a03fc6ba48b509201e2ded5165b58f22957e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0c7b8d85cf716a020ea19fac22314de48452bc98568517fabdb0ca99ce66930
f1085f59c6b76fcab860403b7900d56c3225b5b51c04ca21a400e9b2fe608f18
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f862b2c9bae54d7692ecac498399b6c0a24a17a64a18c62de10def90b6f0d638
f919be7d51df5a09c1518c47a5eca96403d4317ba44ff78fd301ecaa66d29701

petalpaloozaparty.freshnews95.com Open in urlscan Pro 216.128.146.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

94 %HTTPS

56 %IPv6

13 Domains

26 Subdomains

24 IPs

3 Countries

9669 kBTransfer

12923 kBSize

20 Cookies

15 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

petalpaloozaparty.freshnews95.com Open in urlscan Pro
216.128.146.70 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

94 %
HTTPS

56 %
IPv6

13
Domains

26
Subdomains

24
IPs

3
Countries

9669 kB
Transfer

12923 kB
Size

20
Cookies

156 HTTP transactions
2 data transactions