mineurl.top Open in urlscan Pro
2606:4700:3031::ac43:b34a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mineurl.top/0.2729050838638314
Effective URL:
https://mineurl.top/404/
Submission: On January 29 via api (January 29th 2024, 1:53:32 am UTC) from US — Scanned from US

Summary HTTP 123 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 123 HTTP transactions. The main IP is 2606:4700:3031::ac43:b34a, located in United States and belongs to CLOUDFLARENET, US. The main domain is mineurl.top.
TLS certificate: Issued by GTS CA 1P5 on December 16th 2023. Valid for: 3 months.

This is the only time mineurl.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:3b8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2606:4700:303... 2606:4700:3031::ac43:b34a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
1	104.18.17.254 104.18.17.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
4 17	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::8a	15169 (GOOGLE) (GOOGLE)
39	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4004:c08::6a	15169 (GOOGLE) (GOOGLE)
8	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4006:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.179.156 142.251.179.156	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4004:c08::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:12::8	15169 (GOOGLE) (GOOGLE)
123	16

1 2606:4700:3030::6815:3b8f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mineurl.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3031::ac43:b34a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mineurl.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.17.254 (None, )

ASN13335 (CLOUDFLARENET, US)

stc.pagseguro.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c17::9c (Washington, United States) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::6a (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4006:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.156 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::8b (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:12::8 (Colchester, United States)

ASN15169 (GOOGLE, US)

r3---sn-ab5sznzk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	945 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	338 KB
14	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 917	183 KB
11	mineurl.top 2 redirects mineurl.top	247 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	140 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r3---sn-ab5sznzk.c.2mdn.net — Cisco Umbrella Rank: 69422	2 MB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	242 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	85 KB
1	uol.com.br stc.pagseguro.uol.com.br	3 KB
123	12

	Domain	Requested by
39	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net mineurl.top www.gstatic.com imasdk.googleapis.com
19	pagead2.googlesyndication.com	mineurl.top pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	mineurl.top	2 redirects mineurl.top
9	fonts.gstatic.com	fonts.googleapis.com
8	www.googleadservices.com	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net mineurl.top
6	fonts.googleapis.com	mineurl.top googleads.g.doubleclick.net tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net mineurl.top
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	r3---sn-ab5sznzk.c.2mdn.net
2	www.google.com	1 redirects tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mineurl.top
1	stc.pagseguro.uol.com.br	mineurl.top
123	18

This site contains links to these domains. Also see Links.

Domain
eshopmei.com
tubedown.gq
aronmedeiros.com.br
www.facebook.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
mineurl.top GTS CA 1P5	`2023-12-16` - `2024-03-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
pagseguro.uol.com.br GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 19 frames:

Primary Page: https://mineurl.top/404/
Frame ID: E0113C306551E341EB84B7B3D40813A0
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: C9CBC5169800AD7924B9ED1FA2C8B42B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225187156542571&output=html&adk=1812271804&adf=3025194257&lmt=1706493208&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmineurl.top%2F404%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706493208364&bpp=6&bdt=895&idt=224&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8254745077085&frm=20&pv=2&ga_vid=1873655300.1706493208&ga_sid=1706493209&ga_hid=1549021120&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&oid=2&pvsid=118257175289185&tmod=1928897962&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=269
Frame ID: 0F9373F3189D177929E413211DC97A38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225187156542571&output=html&h=280&slotname=2927906236&adk=1204331662&adf=1177066395&pi=t.ma~as.2927906236&w=1110&fwrn=4&fwrnh=100&lmt=1706493208&rafmt=1&format=1110x280&url=https%3A%2F%2Fmineurl.top%2F404%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706493208370&bpp=2&bdt=901&idt=273&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8254745077085&frm=20&pv=1&ga_vid=1873655300.1706493208&ga_sid=1706493209&ga_hid=1549021120&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&oid=2&pvsid=118257175289185&tmod=1928897962&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=291
Frame ID: 35CA8F0AA8AC749A316639F552998EEC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 85C415984A11587593016F41647543D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5DE20B718E3478E5E771EF3C01F802F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: BB667A4F9D6405AE82339A47E59FAE67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 921350EA969DCA250082C7110A5940B5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BF7EDC3935A70FF669C1C1EA34A0A03D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 895F66311DCF26A57D3534C286CA2A0E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7D02770F94F6B5AF46E7295756D219A6
Requests: 10 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 86023A426F5136F1A514418E9351971A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C4FC4D1C0477B2E8817B4958C404668E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Frame ID: F418B7DC2460400E97613DEA55C49ED8
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
Frame ID: EB5E7B84C2E3363DF299AD6FC5219397
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: FA1699705ADF57055235B5B2C0B73C4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 660C4FADA510ED6BC6139690B4CF99B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: AE5ACDB84BEFB57F193C96FC090461D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6C9851CC1F6D2C5812DFB2AB83AD4450
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page 404 | MineURL.top - URL Shortener

Page URL History Show full URLs

http://mineurl.top/0.2729050838638314 HTTP 301
https://mineurl.top/0.2729050838638314 HTTP 302
https://mineurl.top/404/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

96 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

3874 kB
Transfer

6920 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://eshopmei.com/
Title: eShopMEI

Search URL Search Domain Scan URL

URL: https://tubedown.gq/
Title: TubeDown

Search URL Search Domain Scan URL

URL: https://aronmedeiros.com.br/
Title: Aron Medeiros

Search URL Search Domain Scan URL

URL: https://www.facebook.com/aron.medeiros.b/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/aron-medeiros/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/aronmedeirosb/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mineurl.top/0.2729050838638314 HTTP 301
https://mineurl.top/0.2729050838638314 HTTP 302
https://mineurl.top/404/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://googleads.g.doubleclick.net/pagead/adview?ai=CIVgLGAW3ZfneKuCdvPIPkrGJqA_htr7sdP7gk_GXErCQHxABIKGq1SFgye6Oi8CkjBCgAcyg8_YoyAEJqAMByAPLBKoEiAJP0OqZ90GIngxrB9TxNAA8tfHl8u6YkMpf-IQvvX2QHfLfOJNrKigrFG4V-7K7ag_N_TJmCBQ3aYqWbUyGCjleQcSoAtQsIxIUY5FjQzh6lPBg81q95boG4OQYpShgmdkwgnAB0Cv3AMsisYR90Jx8RD09Sx4giq99UdmDfwg6Eq37LkMVOc5Qxl9SwuzHx0sZnnV_l0Ur4-dX5aoYN5-f9i3HzEiTLVVZrRbTIFySwjbetFM-HvXpq-PoXGhYX58Qziv7SGgqACaQt3QH1Ikhd97Np9wiMDPzuitYxbuIUXkA3LmfkruA7Gl7D_VgteniJF7EA3niJkpYUMl6t_ofGgJtIlKUV5_ABLuJ1PfEBIgF4rvioU2SBQQIBBgBkgUECAUYBKAGLoAHzNjD1gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD_1AnSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMOckMy-gYQDmgkuaHR0cHM6Ly93d3cubWFkZG94ZmlybS5jb20vYm9vay1hLWNvbnN1bHRhdGlvboAKAcgLAaIMCCoGCgSsurEC2gwRCgsQoPm2oPS1m83RARICAQO4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTkyMjUxODcxNTY1NDI1NzEYALIYBRguIgEA&sigh=y9fzcRWH994&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_5yYsiYpt5DuAqWcQBLgvwnrWhmOXcAsbjDkrA58QH9X23NnV6dJsapsUJFyLAMYlbzciFLfNrm2jEBJXMdrCbBKNcliQ9MMFJ6wYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x227d60b190ca617b0000000000000000%22,%222%22:%220x8d96cce34cebf9850000000000000000%22,%223%22:%220x4ed60c19dfe938d20000000000000000%22,%224%22:%220xb65cf0ea4d0e53360000000000000000%22,%225%22:%220xbdbf06a7bc80f3e80000000000000000%22},%22debug_key%22:%229213868329891217305%22,%22debug_reporting%22:true,%22destination%22:%22https://maddoxfirm.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210986770508%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227902369319670382465%22}&andc=true

Request Chain 85

https://googleads.g.doubleclick.net/pagead/adview?ai=CHrh7GAW3ZeSpKdadxAOgja6YDc7AhcV1g521ivMRZBABIKGq1SFgye6Oi8CkjBCgAZ_R6fYCyAEJqAMByANIqgT3AU_Qf2qeLxMiwQPQZQSN9bfhE7gE1V65rRBBdr-2VoR5nQU2J-ZiBktrpLfljPqQs6shugGF44RokDFwuyHAFlXOy6WzuybslryIvzZ3jYPml9MVPgpOVerm8dGoIlWOUhRIZ92PXF0liB33Kcb-OigfTiFLXzP5HMnki6erVhIX2_hVmUMdcoNb2TrZdsFw7rYg1GNC1ySeHkMD7qP5sCxmeP-WcTbHL8g3OpI9us6yAMO1m6oNgZSB5stY4nh7M5WLAa8-YwAEdFw9a3g1zYRB9WIFSDmRFpOciKWhp78zlx2X9_JAZUtMXJuK-dZ2NmA9skRIxAPABIKNhezLBIgF1tXBhk2SBQQIBBgBkgUECAUYBKAGLoAHya6WiQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDgiwnSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMrpjsy-gYQDmgkcaHR0cHM6Ly9qb2JzLmNoc2J1ZmZhbG8ub3JnL4AKAcgLAdoMEQoLEIDg55OespL56gESAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkyMjUxODcxNTY1NDI1NzEYAA&sigh=w0mrp2zn8lQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x232ccbf4437f61630000000000000000%22,%222%22:%220x674adaaa9cda5ff90000000000000000%22,%223%22:%220xc53590895645488d0000000000000000%22,%224%22:%220xb050c4e54bcdb2930000000000000000%22,%225%22:%220xf0d61b3b1f1c715c0000000000000000%22},%22debug_key%22:%227787325512321285550%22,%22debug_reporting%22:true,%22destination%22:%22https://chsbuffalo.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22786065567%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212392950585331967873%22}&andc=true

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=CluSwGAW3ZeWpKdadxAOgja6YDY7Elsp1uLLAvIESr9ak45UOEAEgoarVIWDJ7o6LwKSMEKABp_v3xyjIAQGoAwHIA8sEqgTwAU_QKsBNwJIG7IOZ7kLnw8IG8iPVCM62jvERaL0K_gsopsN0LUaXnVFo4jzGVwLInNSPa9ZTZmdTuv6ZTuUJih7Llkdihj0oo9NqLSaYw3-FJnFnLF0_DdwRT-Z3PkDeSX1w5_NJZtMEPuC7X5I0TB32bZvbwiLi2Z1R5AWr8LrLX8Ce9_M-U7cSwbewJZLCtjY2EoU5dpwAGLz9yRDW2Rlmw61-ZeDzm5BB09Nl0XLCPk8KwDf5Xnccm151LMfUkU0JL4pbLz-UTUUr_3EI4u2JjDnguoYWlk4jlaQ2REyPuJxwztYJKGc5PlGPTQMzbcAEourloNcEiAXizI6HTpIFBAgEGAGSBQQIBRgEoAYCgAfpivOGBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPLGCNIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYyumOzL6BhAOaCV5odHRwczovL3JlbGF0ZWQuYW1pbmVyeS5jb20vYXJ0aWNsZS91bmxvY2tpbmctbmV3LXJldmVudWUtd2l0aC1idXNpbmVzcy1pbnRlbGxpZ2VuY2Utc29mdHdhcmUvgAoByAsB2gwRCgsQkJjttpX6tfSmARICAQPYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItOTIyNTE4NzE1NjU0MjU3MRgA&sigh=ZhffgwIzQQM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb141b65a621c6bf00000000000000000%22,%222%22:%220x54506f51177628ff0000000000000000%22,%223%22:%220x57a592ee9c4dacc30000000000000000%22,%224%22:%220xcc7f6307a250f67a0000000000000000%22,%225%22:%220xaa930e936fb1b6ba0000000000000000%22},%22debug_key%22:%2210149660533622270871%22,%22debug_reporting%22:true,%22destination%22:%22https://aminery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210888281511%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223117771150439215345%22}&andc=true

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=Crp0yGAW3ZeapKdadxAOgja6YDdnSxORunJ7tiPMP7IbqvvokEAEgoarVIWDJ7o6LwKSMEKAB46nuvgPIAQKoAwHIA8kEqgTvAU_Qbp4gThrlNu5CrHsOY-wzHwArZhKVqDb6PBoRAIEPsdFEi8Ex18GmUvpVnZSzEOqVNtrx_4dm1KBMKnIG7lqUGuKW6WmzLGhFu5RNb92_oNohABbLOxvPPxGYCQFbota6gKo1vBafi06YE1tRoCdLthccqhln5satDA9Ci6hrSi_LUYP8HwvXPVB01KkCgOssrAuVcmVu22zAUwp2hfbBherJqBrkYJsg5fwpagj77YGQXnCXACnktULzDjRWZDMGQU6yQu8dwJNlBk4CCbPrZ33s7SLGQTyEfHQN8TsS_8HgSNU9tLzV6Zg9IIE1wASHxsu6-gOIBa_N3vkvkgUECAQYAZIFBAgFGASgBgKAB4XWkUGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDr3CDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMrpjsy-gYQDmgkwaHR0cHM6Ly92aXNpdGJ1cmJhbmsuY29tL2EtYmV0dGVyLXdheS10by1zZWUtbGEvgAoByAsB2gwRCgsQoPfx44K5srS4ARICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItOTIyNTE4NzE1NjU0MjU3MRgA&sigh=Z2ms5oTLf-w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb15b3fdb3adbcab0000000000000000%22,%222%22:%220x3257e8ad68fbf82c0000000000000000%22,%223%22:%220x3666d062ec861b3a0000000000000000%22,%224%22:%220xc8d61098a0ff04e30000000000000000%22,%225%22:%220xd02b6699540a65230000000000000000%22},%22debug_key%22:%224253002489878098839%22,%22debug_reporting%22:true,%22destination%22:%22https://visitburbank.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22937137379%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229160127792587795265%22}&andc=true

Request Chain 105

https://gcdn.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/123C8DF361706F692D60E3B298BEC833A7CC0C1C.603BF56009490E81DE5CCB2DF6DC91973694B238/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/508D91EA41F2306FC942F17949881547B70095E0.3DEC0BAAFE0138EA021A110119F6E12478EA6267/key/cms1/cms_redirect/yes/mh/ZB/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5sznzk/ms/onc/mt/1706492807/mv/u/mvi/3/pl/48/file/file.mp4

123 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mineurl.top/404/
Redirect Chain

http://mineurl.top/0.2729050838638314
https://mineurl.top/0.2729050838638314
https://mineurl.top/404/

12 KB
4 KB

106ms
105ms

Document
text/html

2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/404/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee13cd0d42aec7c05eee806ecf00755e14fcfdf10d865758a0171bb8420d8560

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84cdd7720d394bc7-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:53:27 GMT
expires: Mon, 29 Jan 2024 01:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD%2Bx2fCVqqLJcTtbOrTaSIHdOUPEmO2tbjAdxC05sp7uCwPwUCEI8m%2Bj3bVEzMO0ruloOw0XTAnL6fdhRVXf0%2BV5G68qgsJGeFwORD9IEOYedbVFajsVKZbq0msevIgcQieR8WzD%2F2CGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84cdd7709c074bc7-BUF
content-type: text/html; charset=iso-8859-1
date: Mon, 29 Jan 2024 01:53:27 GMT
expires: Mon, 29 Jan 2024 01:53:27 GMT
location: https://mineurl.top/404/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUdoFT3jHy%2FGqk9wMTeaM6p5l%2FX70ZaKchkPYgdMf2iYT4qPOIIPd%2FWki2iBhlRxtMU2zAv72gg685rfdt0EfIWABN3BDOxa6xo387nKA7HDJhypn22LDTG5F68A8GvRfJwc1HIh6rpJGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bootstrap.min.css
mineurl.top/assets/css/ 152 KB
24 KB 77ms
76ms Stylesheet
text/css 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/css/bootstrap.min.css
Requested by: Host: mineurl.top
URL: https://mineurl.top/404/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 20:34:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3116
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI65YEz4%2BsPLd6gp%2BMsyLf76TkSPG%2FoDTZYb7wL7kcmQL4ZhH0YLXebpRA%2B6XdJaDWqPjq50HCeK%2BO4DZ6SFsG9S49QaXqhCAjOWQ1KSlWqvq8T19yZQNqr9ZshbubK6%2BTed1HT9etuwUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 84cdd772df284bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 01:01:30 GMT

GET
H3 200 fontawesome.min.css
mineurl.top/assets/css/ 58 KB
13 KB 53ms
52ms Stylesheet
text/css 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/css/fontawesome.min.css
Requested by: Host: mineurl.top
URL: https://mineurl.top/404/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 20:34:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3116
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNZ%2BKsY3%2FFf9B%2FquC1jokMjtZNqZdjhEmWgH8rVgrzqxOdnDryPmQ3uPGOj6vvM3lpsSj97EuyuZiYlFK81Vr7IXD9WdUCWxeENmPAxHTCpMcwXpgtpFRENiMvueeOTS6QbklhbWztyulg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 84cdd772df2a4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 01:01:31 GMT

GET
H3 200 style.css
mineurl.top/assets/css/ 2 KB
1 KB 52ms
51ms Stylesheet
text/css 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/css/style.css?v=1.6.8
Requested by: Host: mineurl.top
URL: https://mineurl.top/404/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f183a43514ef43593f942544c540595c583fadedf022fa06f79378be617ce2cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3116
cf-polished: origSize=3024
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 11:49:08 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnS8nXplZ2511iiFL81jGUdezZ4ZwAZEm1TpAHy5UcIP9ShRC36uUfbcMnlj3d%2Fqwu3kpjd0GMxC%2FjakKaOxllOYO6Da%2Fn7mGWNoTyDGfk3RwE7bQkIRMlls8Yr8ezdjVOdvYQRbNiul3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 84cdd772df2b4bcf-BUF
expires: Tue, 28 Jan 2025 01:01:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 116ms
39ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14a215bfce939ca17d61d3bc341a11b8af1ccda7d413eda31678fe6dcc7f695a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 00:43:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
554 B 117ms
39ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mansalva&display=swap

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db8a147fbfdac0d117fd64322421db46c65eb732ca57af6db58581c680e51b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:53:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:27 GMT

GET
H2 200 184x42-doar-preto-assina.gif
stc.pagseguro.uol.com.br/public/img/botoes/doacoes/ 3 KB
3 KB 859ms
541ms Image
image/gif 104.18.17.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stc.pagseguro.uol.com.br/public/img/botoes/doacoes/184x42-doar-preto-assina.gif

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.17.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b216704a8a1414bcffc5fc179c000878f701465934c04d4ce311422857ac7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Jan 2024 22:24:01 GMT
server: cloudflare
vary: User-Agent
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 84cdd774bebfa21c-YYZ
content-length: 2640
expires: Mon, 29 Jan 2024 02:53:28 GMT

GET
H3 200 rocket-loader.min.js Show response
mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsiwZg9udpm0Q8XDEP93Au6Ta8o4T4%2BSGST2huiOUWuXixFTKVBaj16iBJ%2BdYKNCXW5DC3SwE28jVdWC9DWVvky7sSbUyu1FJ8vknKgTXEmJ60P6KDQGp%2B9rNjVdjKsMgOIEtY7uWiA7mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84cdd772df2c4bcf-BUF
expires: Wed, 31 Jan 2024 01:53:27 GMT

GET
H3 200 bootstrap.min.js Show response
mineurl.top/assets/js/ 57 KB
16 KB 36ms
36ms Script
application/x-javascript 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/js/bootstrap.min.js
Requested by: Host: mineurl.top
URL: https://mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 20:34:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3116
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhosPkd7CJr8oVIVJmIgPloDlRZOVmne0z%2BNDdUdyLzbI%2FEwdy7xhn18XMHsmGzAvJfOkLFGIRxkbyou2VtE9Ot6B3Dy5xN5mvX%2BTA78IXSvQhPVRsFZRAbOrahEplMqfhoKp0PwU6DjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 84cdd773888a4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 01:01:31 GMT

GET
H3 200 jquery.min.js Show response
mineurl.top/assets/js/ 85 KB
31 KB 38ms
37ms Script
application/x-javascript 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/js/jquery.min.js
Requested by: Host: mineurl.top
URL: https://mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 20:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3116
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7l44Y4etQYJJ7Dl8zHImvuzzDzz7rhv7cyQVkGTGOVYg%2BtdAmJcEFf%2Fstnpm%2BB2BE6zGb0li9M3sW4XOFGu0wPawnwMcvnypXKZLkMEGy8xY2FOkpJXh%2BANVT3KvNxFP4UHoQFBlaFxaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 84cdd773888b4bcf-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 28 Jan 2025 01:01:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 122ms
60ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225187156542571

Requested by

Host: mineurl.top
URL: https://mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b7b377287a15a6b8bfe2bb4705907826ede80c1bfecf10b628357a7bbee2e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51559
x-xss-protection: 0
server: cafe
etag: 18054287977930871452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 29 Jan 2024 01:53:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 111ms
49ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T622S33TY

Requested by

Host: mineurl.top
URL: https://mineurl.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25dc2125cf81f1b549c8a635e0455db535f1870b17eade78841845c9db7e6bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 01:53:27 GMT

GET
H2 200 aWB4m0aacbtDfvq5NKliKY8.woff2
fonts.gstatic.com/s/mansalva/v14/ 68 KB
68 KB 181ms
111ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mansalva/v14/aWB4m0aacbtDfvq5NKliKY8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mansalva&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94de6f24ad20f7cdc83bb539aed4f9b61abaa96f0cca7dbb820e388f21705cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:03:19 GMT
x-content-type-options: nosniff
age: 3008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69568
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 01:03:19 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 171ms
100ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:43:45 GMT
x-content-type-options: nosniff
age: 288582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:43:45 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 157ms
87ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:25:58 GMT
x-content-type-options: nosniff
age: 289649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:25:58 GMT

GET
H3 200 fa-solid-900.woff2
mineurl.top/assets/webfonts/ 76 KB
77 KB 65ms
64ms Font
application/font-woff2 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/webfonts/fa-solid-900.woff2
Requested by: Host: mineurl.top
URL: https://mineurl.top/assets/css/fontawesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://mineurl.top/assets/css/fontawesome.min.css
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3116
alt-svc: h3=":443"; ma=86400
content-length: 78268
x-ua-compatible: IE=Edge,chrome=1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Jul 2022 20:34:49 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8zVMh5EDbQsVe6fbwxno5dgxFArONtXE3%2FuWwy2rImRqvXR%2FIgXeK6Q%2FGouL63sYKRkXbXXWfdFy5J61XV7x%2BG3RN0NHfz7ArpYPkOIGNNWdkFf1VcJIpqQdvuTQY0%2F8tW0bzdvUpv4Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84cdd773888f4bcf-BUF
expires: Wed, 28 Feb 2024 01:01:31 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 134ms
64ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:26:01 GMT
x-content-type-options: nosniff
age: 289646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:26:01 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 99ms
29ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:33:47 GMT
x-content-type-options: nosniff
age: 289180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:33:47 GMT

GET
H3 200 fa-brands-400.woff2
mineurl.top/assets/webfonts/ 75 KB
76 KB 94ms
94ms Font
application/font-woff2 2606:4700:3031::ac43:b34a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mineurl.top/assets/webfonts/fa-brands-400.woff2
Requested by: Host: mineurl.top
URL: https://mineurl.top/assets/css/fontawesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:b34a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://mineurl.top/assets/css/fontawesome.min.css
Origin: https://mineurl.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3116
alt-svc: h3=":443"; ma=86400
content-length: 76736
x-ua-compatible: IE=Edge,chrome=1
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Jul 2022 20:34:40 GMT
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYXxKJTb2%2BbmKc%2Fid1cD0SoJXrAkBCc%2BdjLPc76IUTT2MJS9u2oIkDrjsn0i3yHMe45VIaerkqLhr%2FELDtOzT526LdPYvjbXOXHlcY7O%2FrSUJY86DEGSoP7marCdwdqYJsFAYi8zQdpaHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84cdd77388904bcf-BUF
expires: Wed, 28 Feb 2024 01:01:31 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
137 KB 141ms
82ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225187156542571

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7d078c277af5c39ce6932f9e1f7eea186082f538c0e29dd8af18ab034a8a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140712
x-xss-protection: 0
server: cafe
etag: 5652510513689348689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame C9CB 9 KB
5 KB 107ms
30ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9225187156542571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 11:15:21 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 11:15:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 111ms
38ms Ping
text/plain 2607:f8b0:4004:c06::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4T622S33TY&gtm=45je41o0v889917705&_p=1706493208335&gcd=11l1l1l1l1&dma=0&cid=1873655300.1706493208&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706493208&sct=1&seg=0&dl=https%3A%2F%2Fmineurl.top%2F404%2F&dt=Page%20404%20%7C%20MineURL.top%20-%20URL%20Shortener&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1487
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T622S33TY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mineurl.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F93 573 KB
103 KB 525ms
522ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225187156542571&output=html&adk=1812271804&adf=3025194257&lmt=1706493208&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fmineurl.top%2F404%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706493208364&bpp=6&bdt=895&idt=224&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8254745077085&frm=20&pv=2&ga_vid=1873655300.1706493208&ga_sid=1706493209&ga_hid=1549021120&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&oid=2&pvsid=118257175289185&tmod=1928897962&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae866dc68beaff65025adab8f7264392516cd4462ad3e3209b0dacf639f01fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 105289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:29 GMT
expires: Mon, 29 Jan 2024 01:53:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
53ms XHR
application/json 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07340ec1a9fd2f942985c4b1a51a634f3506109ef09bf29075dc5cd0a22484e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12177
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35CA 120 KB
41 KB 462ms
461ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225187156542571&output=html&h=280&slotname=2927906236&adk=1204331662&adf=1177066395&pi=t.ma~as.2927906236&w=1110&fwrn=4&fwrnh=100&lmt=1706493208&rafmt=1&format=1110x280&url=https%3A%2F%2Fmineurl.top%2F404%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706493208370&bpp=2&bdt=901&idt=273&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8254745077085&frm=20&pv=1&ga_vid=1873655300.1706493208&ga_sid=1706493209&ga_hid=1549021120&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&oid=2&pvsid=118257175289185&tmod=1928897962&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f68f61962752a66090610b7b4db84458f5248f76e2a493a3347a89b387760dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41727
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:29 GMT
expires: Mon, 29 Jan 2024 01:53:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 01:53:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 85C4 13 KB
5 KB 31ms
29ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 37754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 15:24:14 GMT
expires: Mon, 27 Jan 2025 15:24:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E5DE 829 B
1 KB 112ms
45ms Document
text/html 2607:f8b0:4004:c08::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::6a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c144c3ab0d59bbb8a6ee6b652ff4c550c95d2d9c15edcfc6266b7c4f992f33a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WakeTTH5sS63fOWm6z01PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WakeTTH5sS63fOWm6z01PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:29 GMT
expires: Mon, 29 Jan 2024 01:53:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 85C4 39 KB
15 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 17:49:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E5DE 0
0 46ms
45ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=118257175289185&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 35CA 4 KB
751 B 42ms
41ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9225187156542571&output=html&h=280&slotname=2927906236&adk=1204331662&adf=1177066395&pi=t.ma~as.2927906236&w=1110&fwrn=4&fwrnh=100&lmt=1706493208&rafmt=1&format=1110x280&url=https%3A%2F%2Fmineurl.top%2F404%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706493208370&bpp=2&bdt=901&idt=273&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8254745077085&frm=20&pv=1&ga_vid=1873655300.1706493208&ga_sid=1706493209&ga_hid=1549021120&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1119&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&oid=2&pvsid=118257175289185&tmod=1928897962&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:40:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 85C4 0
10 B 32ms
31ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iXhJMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 35CA 2 KB
822 B 33ms
33ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 35CA 23 KB
9 KB 35ms
33ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 35CA 3 KB
1 KB 36ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 35CA 20 KB
8 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35CA 205 KB
65 KB 39ms
36ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 35CA 37 KB
16 KB 103ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:46:20 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2575674913806638238/ Frame 35CA 178 KB
178 KB 36ms
36ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2575674913806638238/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c9db225d84a110c587188509388256bb0e6b15e12e9f6483c1bbab91c7ea45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 01:40:35 GMT
date: Mon, 29 Jan 2024 01:40:35 GMT
x-content-type-options: nosniff
age: 774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182050
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 16:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4671635937099146573/ Frame 35CA 2 KB
2 KB 55ms
55ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4671635937099146573/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0def687e610a19f3cfc1c6b4a009ca7ab4f181db969af2bc1fac9cce3e787f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 29 Jan 2024 01:53:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1597
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 16:00:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:29 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 66ms
65ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

812d569c68f60ed928bcc31471fe24c76934342ee460ca5a671c715ebc8f5334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56995
x-xss-protection: 0
server: cafe
etag: 2816725819126352261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
44ms Image
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C95320869%2C95320889%2C95321627%2C95322165%2C95323007&hl=en&pvc=118257175289185

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 35CA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21188a338bb6fa890b7b331f4d61d5768d002118d14d43c36f9ee396a8c17a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35CA 16 KB
16 KB 30ms
29ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:25:59 GMT
x-content-type-options: nosniff
age: 289650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:25:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 35CA 15 KB
15 KB 30ms
30ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:31:16 GMT
x-content-type-options: nosniff
age: 289333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:31:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 35CA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIVgLGAW3ZfneKuCdvPIPkrGJqA_htr7sdP7gk_GXErCQHxABIKGq1SFgye6Oi8CkjBCgAcyg8_YoyAEJqAMByAPLBKoEiAJP0OqZ90GIngxrB9TxNAA8tfHl8u6YkMpf-IQvvX2QHfLfOJN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x227d60b190ca617b0000000000000000%22,%222%22:%220x8d96cce34cebf9850000000000000000%22,%223%22:%220x4ed60c...

0
0

427ms
157ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x227d60b190ca617b0000000000000000%22,%222%22:%220x8d96cce34cebf9850000000000000000%22,%223%22:%220x4ed60c19dfe938d20000000000000000%22,%224%22:%220xb65cf0ea4d0e53360000000000000000%22,%225%22:%220xbdbf06a7bc80f3e80000000000000000%22},%22debug_key%22:%229213868329891217305%22,%22debug_reporting%22:true,%22destination%22:%22https://maddoxfirm.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210986770508%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227902369319670382465%22}&andc=true

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x227d60b190ca617b0000000000000000","2":"0x8d96cce34cebf9850000000000000000","3":"0x4ed60c19dfe938d20000000000000000","4":"0xb65cf0ea4d0e53360000000000000000","5":"0xbdbf06a7bc80f3e80000000000000000"},"debug_key":"9213868329891217305","debug_reporting":true,"destination":"https://maddoxfirm.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10986770508"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"7902369319670382465"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 01:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 01:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x227d60b190ca617b0000000000000000","2":"0x8d96cce34cebf9850000000000000000","3":"0x4ed60c19dfe938d20000000000000000","4":"0xb65cf0ea4d0e53360000000000000000","5":"0xbdbf06a7bc80f3e80000000000000000"},"debug_key":"9213868329891217305","debug_reporting":true,"destination":"https://maddoxfirm.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10986770508"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"7902369319670382465"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame BB66 50 KB
19 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 00:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 00:03:56 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 9213 9 KB
4 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 10:57:39 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 10:57:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame BF7E 9 KB
4 KB 33ms
30ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 10:57:39 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 10:57:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 895F 9 KB
4 KB 37ms
30ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 10:57:39 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 10:57:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 7D02 9 KB
4 KB 33ms
32ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mineurl.top/404/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 10:57:39 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 10:57:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 9213 4 KB
671 B 46ms
45ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 9213 16 KB
7 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 9213 22 KB
9 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 10:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 10:15:51 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 8602 9 KB
4 KB 38ms
36ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:46:19 GMT

GET
H2 200 5154246e00432523dc2699fccaa9746f.js Show response
www.gstatic.com/mysidia/ Frame 8602 42 KB
16 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5154246e00432523dc2699fccaa9746f.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2ec9602be045040cd3507d282ad447a6d4fa12cc53d596017334bbbf146340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16643
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:33:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8602 2 KB
822 B 40ms
39ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:25 GMT

GET
H2 200 a9236e80b53d06124e135fbb61f51146.js Show response
www.gstatic.com/mysidia/ Frame 8602 23 KB
10 KB 51ms
48ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a9236e80b53d06124e135fbb61f51146.js?tag=exit_2019

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8fcf6605dc44f9b2b7cd65ce594db86a9f7a06f3efc07a984148c8ce388ca30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9797
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:46:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 8602 23 KB
9 KB 40ms
38ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8602 3 KB
1 KB 42ms
40ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8602 20 KB
8 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8602 205 KB
65 KB 45ms
43ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 8602 37 KB
15 KB 44ms
43ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:49:07 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 257ms
158ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:53:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 895F 2 KB
822 B 39ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 895F 23 KB
9 KB 39ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 895F 3 KB
1 KB 38ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 895F 20 KB
8 KB 39ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 895F 205 KB
65 KB 39ms
33ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 895F 37 KB
15 KB 41ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 17:49:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 7D02 23 KB
9 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4FC 143 B
166 B 35ms
31ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:23:06 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7D02 3 KB
1 KB 32ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7D02 20 KB
8 KB 34ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
H3 200 303158613005188214
tpc.googlesyndication.com/simgad/ Frame 7D02 37 KB
37 KB 36ms
32ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/303158613005188214?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlWfk8Y2D3EurtexVVc6KwDotbhVQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1ddec69329ebd49ac69872919dd884ad6dc48518f96d2b908ddb53245c6096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 00:02:11 GMT
x-content-type-options: nosniff
age: 6678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37453
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:30:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 00:02:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D02 205 KB
65 KB 37ms
33ms Script
text/javascript 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7D02 36 KB
15 KB 39ms
35ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:18:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame F418 23 KB
9 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34945
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F418 8 KB
750 B 44ms
42ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:31:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:29 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame F418 15 KB
3 KB 206ms
116ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:38:36 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame F418 378 KB
132 KB 121ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:46:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F418 20 KB
8 KB 30ms
30ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 16:11:12 GMT

GET
DATA 200
OK truncated
/ Frame 8602 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 923202469c3e13b852299228081d602c5659ce4188dc34115dcde438c86d506d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/ Frame EB5E 19 KB
4 KB 64ms
64ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5154246e00432523dc2699fccaa9746f.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba259c76767dde47e6e21ac0ac46f6fb60bd6322dfdaf0d776732f38302d1c8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:30 GMT
expires: Tue, 28 Jan 2025 01:53:30 GMT
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7D02 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b7afe9da7aba5fb45cf952938a159366f70379ffb0cbbe8559335632d2576fd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame FA16 50 KB
19 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 00:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 00:03:56 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8602
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHrh7GAW3ZeSpKdadxAOgja6YDc7AhcV1g521ivMRZBABIKGq1SFgye6Oi8CkjBCgAZ_R6fYCyAEJqAMByANIqgT3AU_Qf2qeLxMiwQPQZQSN9bfhE7gE1V65rRBBdr-2VoR5nQU2J-ZiBkt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x232ccbf4437f61630000000000000000%22,%222%22:%220x674adaaa9cda5ff90000000000000000%22,%223%22:%220xc53590...

0
0

93ms
92ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x232ccbf4437f61630000000000000000%22,%222%22:%220x674adaaa9cda5ff90000000000000000%22,%223%22:%220xc53590895645488d0000000000000000%22,%224%22:%220xb050c4e54bcdb2930000000000000000%22,%225%22:%220xf0d61b3b1f1c715c0000000000000000%22},%22debug_key%22:%227787325512321285550%22,%22debug_reporting%22:true,%22destination%22:%22https://chsbuffalo.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22786065567%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212392950585331967873%22}&andc=true

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x232ccbf4437f61630000000000000000","2":"0x674adaaa9cda5ff90000000000000000","3":"0xc53590895645488d0000000000000000","4":"0xb050c4e54bcdb2930000000000000000","5":"0xf0d61b3b1f1c715c0000000000000000"},"debug_key":"7787325512321285550","debug_reporting":true,"destination":"https://chsbuffalo.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["786065567"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"12392950585331967873"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 01:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x232ccbf4437f61630000000000000000","2":"0x674adaaa9cda5ff90000000000000000","3":"0xc53590895645488d0000000000000000","4":"0xb050c4e54bcdb2930000000000000000","5":"0xf0d61b3b1f1c715c0000000000000000"},"debug_key":"7787325512321285550","debug_reporting":true,"destination":"https://chsbuffalo.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["786065567"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"12392950585331967873"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4949141710177688603
tpc.googlesyndication.com/daca_images/simgad/ Frame 895F 29 KB
29 KB 58ms
56ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4949141710177688603?w=360&h=640&tw=1&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18469d6b7581c5a92b6d05ca377d689d30ea9941e6130800cd014ce3baa0f82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29747
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 04:44:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:53:30 GMT

GET
DATA 200
OK truncated
/ Frame 895F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb715fd3096c0720c2cf46d2d2518cee18f485af79925620b037991c49cb90a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C4FC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
43ms

Document
text/html

2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:30 GMT
expires: Mon, 29 Jan 2024 01:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 01:53:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 660C 50 KB
19 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: mineurl.top
URL: https://mineurl.top/404/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 00:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 00:03:56 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 895F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CluSwGAW3ZeWpKdadxAOgja6YDY7Elsp1uLLAvIESr9ak45UOEAEgoarVIWDJ7o6LwKSMEKABp_v3xyjIAQGoAwHIA8sEqgTwAU_QKsBNwJIG7IOZ7kLnw8IG8iPVCM62jvERaL0K_gsopsN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb141b65a621c6bf00000000000000000%22,%222%22:%220x54506f51177628ff0000000000000000%22,%223%22:%220x57a592...

0
0

100ms
100ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb141b65a621c6bf00000000000000000%22,%222%22:%220x54506f51177628ff0000000000000000%22,%223%22:%220x57a592ee9c4dacc30000000000000000%22,%224%22:%220xcc7f6307a250f67a0000000000000000%22,%225%22:%220xaa930e936fb1b6ba0000000000000000%22},%22debug_key%22:%2210149660533622270871%22,%22debug_reporting%22:true,%22destination%22:%22https://aminery.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210888281511%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223117771150439215345%22}&andc=true

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb141b65a621c6bf00000000000000000","2":"0x54506f51177628ff0000000000000000","3":"0x57a592ee9c4dacc30000000000000000","4":"0xcc7f6307a250f67a0000000000000000","5":"0xaa930e936fb1b6ba0000000000000000"},"debug_key":"10149660533622270871","debug_reporting":true,"destination":"https://aminery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10888281511"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"3117771150439215345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 01:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb141b65a621c6bf00000000000000000","2":"0x54506f51177628ff0000000000000000","3":"0x57a592ee9c4dacc30000000000000000","4":"0xcc7f6307a250f67a0000000000000000","5":"0xaa930e936fb1b6ba0000000000000000"},"debug_key":"10149660533622270871","debug_reporting":true,"destination":"https://aminery.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10888281511"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"3117771150439215345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7D02
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Crp0yGAW3ZeapKdadxAOgja6YDdnSxORunJ7tiPMP7IbqvvokEAEgoarVIWDJ7o6LwKSMEKAB46nuvgPIAQKoAwHIA8kEqgTvAU_Qbp4gThrlNu5CrHsOY-wzHwArZhKVqDb6PBoRAIEPsdF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb15b3fdb3adbcab0000000000000000%22,%222%22:%220x3257e8ad68fbf82c0000000000000000%22,%223%22:%220x3666d0...

0
0

95ms
95ms

Fetch
text/css

172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb15b3fdb3adbcab0000000000000000%22,%222%22:%220x3257e8ad68fbf82c0000000000000000%22,%223%22:%220x3666d062ec861b3a0000000000000000%22,%224%22:%220xc8d61098a0ff04e30000000000000000%22,%225%22:%220xd02b6699540a65230000000000000000%22},%22debug_key%22:%224253002489878098839%22,%22debug_reporting%22:true,%22destination%22:%22https://visitburbank.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22937137379%22],%2222%22:[%22true%22],%224%22:[%2201-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229160127792587795265%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfb15b3fdb3adbcab0000000000000000","2":"0x3257e8ad68fbf82c0000000000000000","3":"0x3666d062ec861b3a0000000000000000","4":"0xc8d61098a0ff04e30000000000000000","5":"0xd02b6699540a65230000000000000000"},"debug_key":"4253002489878098839","debug_reporting":true,"destination":"https://visitburbank.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["937137379"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"9160127792587795265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 01:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfb15b3fdb3adbcab0000000000000000","2":"0x3257e8ad68fbf82c0000000000000000","3":"0x3666d062ec861b3a0000000000000000","4":"0xc8d61098a0ff04e30000000000000000","5":"0xd02b6699540a65230000000000000000"},"debug_key":"4253002489878098839","debug_reporting":true,"destination":"https://visitburbank.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["937137379"],"22":["true"],"4":["01-29"],"6":["true"]},"priority":"500","source_event_id":"9160127792587795265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F418 0
234 B 379ms
125ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lry9zw1i&c=42158023345&slotId=21079011672.5&qqid=COOVj8y-gYQDFdYOcQodoIYL0w&fb=outstream-lima&sei=44746068%2C44752538%2C44804917%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F418 0
20 B 90ms
89ms Image
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CtUl6GAW3ZeOpKdadxAOgja6YDb-qxJJ1r4zksukS8C4QASChqtUhYMnujovApIwQyAEFqAMByAObBKoElAJP0Pa2sL411QJOZtsaJkgpMdmgHLmaYrOk13GkPTr0wVzRj6OTVgJ9XBRSW5KUnpQX_7rN0rloNLnknBUIVDGTaePvSYWXKFpGQyd1XRvO23IWbJC5VKtPxZr_dvuWbaSyqLTsXbl2debnhmbAXLHmwvGPprIO4fPxahph2NFQG3xbcQJvN9pgIvcpUUssw1gu4_cWZdl4SMaQWbLbMz4zKnGdJ2F8nTVKoaoqTHYPnRhuey89hym8EmzS-0FGQ4mmMWA8T7HgcLIrUFbY8Gp9y3Zj885VBrpV_0MRiA8TMKHhQFVDZfkDEF4c0N-1j9Vzp_dAI8ou3_8NBiOzVac_1VmmBmHi2xb4RB8fjvYQA1HZLzbABOWyrKXKBOAEA4gFqsby8E2QBgGgBnaAB4-Yk88EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYyumOzL6BhAOACgHICwHgCwGADAGqDQJVU7AT39yaFsgT88Cm5APQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1706493210112&ai=CtUl6GAW3ZeOpKdadxAOgja6YDb-qxJJ1r4zksukS8C4QASChqtUhYMnujovApIwQyAEFqAMByAObBKoElAJP0Pa2sL411QJOZtsaJkgpMdmgHLmaYrOk13GkPTr0wVzRj6OTVgJ9XBRSW5KUnpQX_7rN0rloNLnknBUIVDGTaePvSYWXKFpGQyd1XRvO23IWbJC5VKtPxZr_dvuWbaSyqLTsXbl2debnhmbAXLHmwvGPprIO4fPxahph2NFQG3xbcQJvN9pgIvcpUUssw1gu4_cWZdl4SMaQWbLbMz4zKnGdJ2F8nTVKoaoqTHYPnRhuey89hym8EmzS-0FGQ4mmMWA8T7HgcLIrUFbY8Gp9y3Zj885VBrpV_0MRiA8TMKHhQFVDZfkDEF4c0N-1j9Vzp_dAI8ou3_8NBiOzVac_1VmmBmHi2xb4RB8fjvYQA1HZLzbABOWyrKXKBOAEA4gFqsby8E2QBgGgBnaAB4-Yk88EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYyumOzL6BhAOACgHICwHgCwGADAGqDQJVU7AT39yaFsgT88Cm5APQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F418 0
54 B 367ms
125ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lry9zw1t&c=42158023345&slotId=21079011672.5&qqid=COOVj8y-gYQDFdYOcQodoIYL0w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.15d&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F418 30 KB
17 KB 170ms
80ms XHR
text/xml 142.251.179.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CPz7cNVsRQ_wxAEXtQlUpvyql_gVbudYGYDbBcqIrNg2YH1j7JAQ4tV9YxgQquxWrUpnuWP5B1TSWUg6I-9v0aAejBmg&cry=1&dbm_d=AKAmf-Ajlmh10Jhw6s6WXySoHTn8Q86hqfVpUFvD4tO0C0IpjZIXBFf7xnBJcsFdhEWEAwHSFRukapVGpfT2N4ybsTutNjMfGeDK1paUKMWZbaNGwcnWA_-WsApH9nSoHiVgbEQwWjFg5QWaoRkz7YVBBtnH-bUupUjhZC8t0fXLhyrRmKBSoZHp7aqiZJlSF5Sy-myQ2kVN5p8emtLhJnOkNPIX0QL-_mRU_jO5HvfPlHFrUhegsVzFSV-yoIQOHvtRZgEBhjsWaqIt0OGW3pfYGMxVEim1cBIIQQ1xnqTuAl1-8lkc5Aqm9ayqQgwX8KxU4bPLIX1_MvBBLVqZ0MAjKvBHhudHRTF5Iu-rsLB7Y2wY7gRy_q3iQ9cdt1U7mcWN_3dtAdqEM9z6M3znRXmf5_8UL-ZDQs76gM4ynVWdTjEruloyXwDvawbRLawTw_EOQi83_cMsB6S_f_Qlv12nJoK_4j95HDEjASEOzArZrdHRe1X8puQ4MW5w8nOlMQ9Kny8d54qxjB2i2Gg1w_kXytELpewkedOrHkujsj6r4pKgn0YUiKw7ivU0tPdKjksMNYBETavE_MdU1gQtnfi5xxkuVBBOYaVAU-gavcLdDl0SpmJ2vBVMuGq-WbXbrzADH6Lh-D-S7ZxiSViY3RrpsiL1cg0o5bU6QtfQ_5jkC_KcyqJVksYuKOR_2Hmr2sU7Vdeh4-F71jcbxvSpEieAbowki8T-ndFy54r5FEPqw_kQxBZsVAhDPg6icoB5cs6VI8TwNoXPpr62xl8jO1uxQdwJ5rCmvtu7oopyvzYDT7k7NUQW7CF-7GER_-rieHHZgmWyB96jHHBT-BC24sshdQZaysIdJZTuXMg51peW3gSd7yzDbOYF_3Nc1QjJ7eEPQ464E3RcbXoUUD1kqQ2a2oJ6ccc2XAsHWaqlmsZTKhalbgmJan5A_hnZ7-ghBYmQSFHQ9TVHTVcI-F1t2a0UnaBR4AGjxAyauEhPkUwcQt4Fqx128nDWrlz_sZdYTQ8ppa6PjY16aknmzLKUavKw7uTZZl5t_cYfkReg6kiXlYl-M976IQ2R4N69RXl1GW_TNo-kLtgos1tID9x0aoiufIIw7Ql62mFvawKFw1dbmC2m8i7ZPtjcgYyGK_KdwbIZxkyv0vfB7NY4G08lNFyK09uOaqrFNum2dxHgCxBCYKMQsgnnkOQggYgTJ02jiNqZtkTvS0sAZr2B_1I9hqtlqqe3069cbnEb60A-5x5n7AF1zOrMA7099Y1OZmxM2Xo6hkEmu3Rr1vx9ZUjdUXNRU33hBpNdO_m7L7MxaRa4JK56Jn0XYoSAs6fbFxCU3qzW776UklVZr1x72YXjn1paXaYRIwc7sr0E1C5qnMyUULl1lb1Xj0TmFvqQxxmWpY1TNp58ZogR0lb7Wd7Hr-TsqBKbyiZJjJNIJjG6tMfclP0Ma4jVb-ETRngXdSNZkoEAzxISF5EZWoOnZUR00NCNWrKfqgv2nPfOMbrRp6x38Qf-FjakZGy6AB9G8VEzXhp2ujeZZtAyf2vfI2UGhoRBnyi-2WwfaR8k9aqVUFpSNiAPUCXSonjlVENIJFUyueJpyMcgnA2KeMBgMCNzJvuGRVY1wRcv6avtnAV6Adw1DBpn27ErPieU_t04Jy2kwLvPMpdlmVIgB0CWLyYzLWv3Bd2VeIpKzxU9j-42LthgvUq0AD0kqxCV2ynD5uS2vtPGM_9JMkNFwGfUC4BbQl9lkeyJ88NLQFSCuFS6WyhaXdHEA5kwsnXuPP9EwYdV7Iupt_CpQ5bHn6RdviYUkbkJs1iQUl3VCJgXGs4r-pXwYehDP1U_6tWNPJlBTpxaE7TPv0eWXRSniX0THh4Wy0mTF1cqIQpg-Fzytv4Dqf7USpef0sDE0RimtNRChDtd4iBz5Ql2s-7gpHa4ZKEXnowawXTpKIG49catFc_PNlTliIe8bGN4dfMC4EVUW_UK7w9DG7xwynoRYv0cSDv4pvamNUpTIfaDiAmFd8Y8uOE47bnr75XxUACT8dVvhgOJkJAD1UpBC684X3lKZMvFI7Wf-JD-ON9W6_Lwmtn7ZVEjAihhQcXqvYTq9KJ1E_QbrFvS1bi3MI2hpMut7bWO6vW_tvf3VnVvCPUvO51mLo1REW7m32311hV11rQ67d-1Xfwx2bEphF5boCGVaiwtSdguI_-B7l4NnUCOkImjME8b4Fmur65JITXwOsC7VHrT47idaqjbPc69k20rce1DF8WNUi4SrGBlURQPmn1tK6MihT3OKLEi4xM5EpULuZusF186GP2nERrpUlp6qhD6uZo-ZcZb_ck7H59noq51b2hgF9T0HC_JhPTxmLFLZ59vfxD52sL0vdHuZRszyeBrlUeT9rCDz84HtAKkbHVcgsTTa5NYLYxfghKSS0j9hVwor-NeaB_jUomjc73aWM1qWoCeu7ejmXTwDha8CZcGNosXQBt3705omcC4eEwVy-kCiarHBYfPUB3geyi4sN0hvTuyXVes1XWu7zyHmwO8hiK2cYwOjtrIcpx-QNVqB_14mTva19heEy_nHCfaYqIYAb4211-0n6i8j6FeckyUNmSTafbZa3_8zcOTHI6CUSwttA3sgSWYHKLtSdWFkK_BwJUUs_a3HdO1om0VEb40JTM_PkQgR5yY65-ID96nGEPVqWTRqTabwlbf96r6BCLOCsTPdoR8AjHxAtL4kfvMNAEMe_X3Ioei4-FrKNtSQV382J6y2cLCXFj8snXSqWfi-FQSaoitTZAjr5shLE9MHaolMPMo5lm4QVm3tp1tURyoymCwl6VYRH0LUAwKM8zjmLRnrassqr-AE2Yev0qWxA_TPnhnT1Ez1wm_CYXVaFWbN9EZojLIGsLWMXaQTg0-PNBKtSB29gUpKudkiBukAD5EdP6Sq7OlAXy68Hi3uV4MDW0YTh8Ph0Rm9SPGe8mxz8rGXhILK6yGT1SooHZRnF5ILIfmeHWc430RpzfHpspFIrMXzFCWX2_8r_mVJDN9qWxQ5MKnBsNRlob27K7oNINDsBReR0suZC51e8_S69p1_Tmhdey96EZ62dh4JZdJ9bFx8dpFXt3eWe1unXABzT82J-BPeQMhmyymL2Gnf-OmPLbmQoneUAGqM-obNsYzgrqKKMckMtAU0YurWJ3mfd_E0EGvpgA81NW74JKI6k7-l31p0DTWizqTXgOK7ztAAkDzI8GXkWvhQuQJvFXbMJtNmr-GvIUxJnbO0G_R-29cHVYrll4cevcigPWjheoUdnYXQfU2ykN48OxGCNH-5DkiGIMIY2t-FM38BU4RRDXF7Fv2KNdzn71cTUnTWFHmGE22ZF1smz6kRzOdCXYetrPYSTCHhn93NH50BzTdE1AbWhchcakInMdmHJ2q45DpLBfkPZCzhSoXxJ_SFMscyqITI7e61B6p_oQkMeJhSw9N59rj96UcT7x641Xow2eByPPX-SXoOffPbF0AL0r8j9AhLxcsRXKMIunBVCBCaRs5z6CwB9Ku95f3U9eKt84Uex4BaVmUcHKcN11W6rg_RGzAGOgpIwhJ4rOThUfEpUQHg1N8cJEVEbJgJv9xl-IEQJucqqtkMWCl2s3TwjgAaK2wnv_SUYDrb2Kmmqd0wwLqltqhlILkigrU5WCx6C1G-DoHgLUZEyzWmQ&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f156.1e100.net

Software

cafe /

Resource Hash

6e007a47681a3b2f7d2d81900fba18c10c8b79a5ed8c8ff095be710a6ea33c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17240
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=118257175289185&bg=!mJulm9TNAAa8BdJLnAU7ADQBe5WfOJYrMLV3Vq_jvYCJwP9-ScVQY1a9y8jmnJJhmx8PBYJDAXcmM3mydCADMN5vS_h1AgAAARlSAAAAB2gBB5kCxgcIdlZyKniFC25DCXssIjpdwgLXjMx-rTGecUf9HGi9fJlovoUNa0BuDQxRpGu9OqeC1S1L0PYcRJehaPkbVZfG3zZbANJzXR7_SKstNTASOWMUSCvqgzVj4T4rykPlLiUAmu0HkPyrcHnwuPs7LLnJqB9t0BffOkyX0fSiqB1GBVYFCrTojw2HJ6M6isqceaIBh6dz0E5UvfZZGU-S3tG85dx3dvCxPcYK0oCDnmfpfZVbqchKorlG-4iEfsOh4hikP2kWrnebKzj5aMOoswxES-EHeKrl95uX4ajHGahHqZPQ250dT-LRrEWemJRaQIRsp9ZdeLazTYvOz7QSqFuAdCKo424RC9w2hxmVzi41dgP82FmV7P4sKNSzLzNHyu73vfIC3l0FWdcjS375_wC2DsVTi6J7Q311x-p3-KTfA8EhA3sBKryPegb7KiAXderxHESiu_RCGBuqBZqyG9_sB2pO-yfSGfnGfIEVnPpEnGK7vnOuAOTFBfw6LAJUI2aC3R5xE9-HW8DNyt63wXD4f6XrcU8ZZcX_tyuSoXnt4aG1ZgoaQqQHk3JgSLpWEGUs6i04Iv23Zfu5-dJ9CtXMFD6kEPR6sHEJg-TLTdscspjom_kvQZS48jJ-QOK_jG1efOfHpTGGxXAD34hNjv5PFTmE3k5DQJBaK2VHw8Jz4iwc6CefCn57CJmk9q6043IZFcBZRTRUub9Uvk9njHaSAjRU6L1aP6VYUERlmhzuQqYXavrwASydKB_RXALVo_0et665lI4LVV9rnatGrkWcPz_Z8vBSLrwcDsJ_rptZrH8EF0y4iO9LR4X4PtOihfrg_40l1YBz-U1iY23_dDfNw04GtF1mAJPkXv2WoZWMpgNqLg2AOK4Mam-V8ZI8KBqTET1SyVK8lfhe-G_MS64rEwfNtLprfZuIdkyhtyErZXspJ7ag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mineurl.top/404/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
92ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:53:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
91ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:53:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EB5E 6 KB
3 KB 33ms
31ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 13:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 29 Jan 2024 13:22:45 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EB5E 34 KB
13 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 16:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 29 Jan 2024 16:14:51 GMT

GET
H3 200 22c3b61e0d73175f5b331f6b5156ea9d.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/ Frame EB5E 130 KB
37 KB 55ms
54ms Script
application/x-javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/22c3b61e0d73175f5b331f6b5156ea9d.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb04ca2710ac6e54ef209c03161c9a15ce112a698a867ec3b2a5bf292ac9531

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
93ms Preflight
text/html 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 Jan 2024 01:53:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F418 0
54 B 127ms
127ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lry9zw26&c=42158023345&slotId=21079011672.5&qqid=COOVj8y-gYQDFdYOcQodoIYL0w&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame F418 41 KB
15 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 16:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 16:12:07 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F418
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

109ms
26ms

Fetch
video/mp4

2607:f8b0:4006:12::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/508D91EA41F2306FC942F17949881547B70095E0.3DEC0BAAFE0138EA021A110119F6E12478EA6267/key/cms1/cms_redirect/yes/mh/ZB/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5sznzk/ms/onc/mt/1706492807/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4006:12::8 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 01:53:30 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1713143
Last-Modified: Tue, 02 Jan 2024 21:51:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 29 Jan 2024 01:53:30 GMT

Redirect headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/508D91EA41F2306FC942F17949881547B70095E0.3DEC0BAAFE0138EA021A110119F6E12478EA6267/key/cms1/cms_redirect/yes/mh/ZB/mip/2602:ffc8:2:104::3/mm/42/mn/sn-ab5sznzk/ms/onc/mt/1706492807/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame F418 453 B
594 B 38ms
37ms Image
image/png 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9225187156542571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Mon, 29 Jan 2024 02:43:30 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame AE5A 50 KB
19 KB 30ms
29ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 00:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 00:03:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EB5E 4 KB
629 B 40ms
39ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/22c3b61e0d73175f5b331f6b5156ea9d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0538d79df0e4e27bd6ae05eeb8845c58fc43ff1e713cdd0efb803bf842ce341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 01:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 01:53:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 01:53:30 GMT

GET
H3 200 9a2159d00c5cc011373e15bdaab40789.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 3 KB
3 KB 52ms
51ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/9a2159d00c5cc011373e15bdaab40789.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278224323ee2965894e25945bfe5999d1e822849b8f21f0d8d4c4963b7289543

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2674
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 85fe53ecd1cb067d80adfdf49af0d7c1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 25 KB
25 KB 53ms
52ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/85fe53ecd1cb067d80adfdf49af0d7c1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870f4d51610f5b023eb5a5e072d1b983db9d598448500a1649acf938d440c937

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25524
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 fb52c502bc6113d391d2910dffd120de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 23 KB
23 KB 46ms
46ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/fb52c502bc6113d391d2910dffd120de.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48afc21e55231f6f9f111d8ec9b8fe8f29c7f587a61b1666d4d5a1aa98f3e9c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23820
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C98 23 KB
8 KB 31ms
30ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 185932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 22:14:38 GMT
expires: Sat, 25 Jan 2025 22:14:38 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB5E 15 KB
16 KB 30ms
30ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:38:36 GMT
x-content-type-options: nosniff
age: 288894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:38:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB5E 15 KB
15 KB 34ms
33ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:25:59 GMT
x-content-type-options: nosniff
age: 289651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:25:59 GMT

GET
H3 200 9a2159d00c5cc011373e15bdaab40789.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 3 KB
3 KB 32ms
32ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/9a2159d00c5cc011373e15bdaab40789.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278224323ee2965894e25945bfe5999d1e822849b8f21f0d8d4c4963b7289543

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2674
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 85fe53ecd1cb067d80adfdf49af0d7c1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 25 KB
25 KB 33ms
32ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/85fe53ecd1cb067d80adfdf49af0d7c1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870f4d51610f5b023eb5a5e072d1b983db9d598448500a1649acf938d440c937

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25524
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 fb52c502bc6113d391d2910dffd120de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/ Frame EB5E 23 KB
23 KB 34ms
34ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/media/fb52c502bc6113d391d2910dffd120de.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48afc21e55231f6f9f111d8ec9b8fe8f29c7f587a61b1666d4d5a1aa98f3e9c7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8530392381911641879/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23820
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:43:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Jan 2025 01:53:30 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame EB5E 50 KB
19 KB 31ms
30ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 00:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 179374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 00:03:56 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C98 39 KB
15 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 17:49:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 17:49:48 GMT

GET
H3 206 file.mp4
r3---sn-ab5sznzk.c.2mdn.net/videoplayback/id/579efca1d8508a11/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1738029210/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F418 2 MB
2 MB 52ms
24ms Media
video/mp4 2607:f8b0:4006:12::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:12::8 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2bbff4ee25288136ec00fce6f34e950ae9e5e2e1e7a312960a7bc0f05c346996

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 29 Jan 2024 01:53:30 GMT
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1713142/1713143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1713143
last-modified: Tue, 02 Jan 2024 21:51:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C98 0
20 B 46ms
45ms Image
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9hnPGgW3ZdDFD-3hjvQPgbynwAEAAAAAOAHgBAI&bg=!PT6lPnHNAAa8BdJLnAU7ADQBe5WfODqNpCRmq1yfYp-dbTbbysacq3DzhKaFRaqpCUHpETILbrc5KiupXoq_GPxljQccAgAAAGVSAAAABGgBB5kDA4MA6LMiWFFvAgoFU2Y3wsMcPM1ABBB9Rox1o4IGYj_gGF01jXlpHb-GPTYWkOKAuznJ0qLL2wI7To_wnAkUNhhHDU9PL3kM6M-kQSt1H2GxcA4mIoJ4u6ORSf78mItQ7I36QE3IFXYZS5mG8XnZvntoMi3UymamE9HgstF78YYQL5JSLfu616DnAIJCSaBKk7byo42oVOLzaNub3mc3_YL-detZ9kbZ7j18KgTbnd2Ce-i6Rm6dw17aOUN9HHKix-0s-PEuLMvTpqU5AGMKCWoQlVMyKB_KZ8EEJaYemnGODHUnZbXmU1HjbUctPHG3E-5IsZEQAdYwurqqwaJ6jj8J6lPsrVWIzb_kqFoEeM9NSIpiUEcPhAdD3SkVOmQhV5q9nmlpqk6j_odZ5H7D3UBAIuKczb8jS-jFnFie2r7qguRa41IS1pUtSUOEDE81a2P_EiDYTszu65hQdJ41mN3FG5PFKeHulxmP_MD2Ig2oZyJt-6F6ftUNutBQjsWvtYV9oi8FeEVOCoGyyeasmgFQUCtks7BhCfUwqAfrIZmuD4MHqqGKx5dh_PNXEn1YWgLc_flSyIvefLPVLJppWdxDwA8ngsZCwjDFUcwIlPba6_zAHbnNbAOie8i2bbZwZRc4dMHUIkg_VXRcnZoMTR3N-IU9bxkruWAayGTHHRyrAxQWhcGtFbGezi28mFtmOdlWvgVqW5FERAHSrTPkbtY-2plKnBUfSO1rgUYbgJgr51OG1PhXOEbQUk-Q_XOPhSug-xp-LCZiBcvT0vDpCj-pOsbaPpcjiKkPhBdQot3mkvnBUdl-BzkyeK7RpiEdqY_KEtGMwbgdqkempHNXnXaCYpvW-lGqohMQ2jRov-EMKVvZUbAOCr_lt578QQS3JH6pS_gAbXCo5wSSrPRLWrV71FCOnRXxqzOZWq4jaD3L23bdo3rcx_cOgkFkWbH4Mf1-uyyd7pUa92J1ICh3nnG4yoG1yIW3XegQao-moLY9VeI5RljPXWvnkp1KfEoxCVhL1Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8602 42 B
64 B 50ms
49ms Fetch
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPCcfzwhfzGpJ3t6E3CVvcZBcMcj6EJj9exRLAJs3ydZM1MRl2uhmrZjF7Cj3Yd8g8sTslUVpHtqnxjmJT19mknOxiowvzE6eGZ1iDYPl0rCOcvm4hGgWUOKrmd81uaL5w0lEgQQ-hTgN0RVCuoOeFuTI0&sai=AMfl-YRTmNxhd36X4U6ydeERhD_ko6ibA_cxeULWvtAOdMuqF83flGnWJLvpJ7eW2YH1-9iOUSH3PpdAUhy4wcLt3rkCMc_mOPObHeHx5tgBJ9oqf8qYPIkMtN8Z9lj7EPnUyiKbRywZAqL_46jfet2j&sig=Cg0ArKJSzGKwhCS5P_0kEAE&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&id=lidar2&mcvt=1000&p=0,0,540,144&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170649320900&rst=1706493209650&rpt=295&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D02 42 B
64 B 47ms
46ms Fetch
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrAynCyLNrlkID-MHMca6bDqn3zUWGawm6QyzTQJMiWgR8NtzEUmh6GrOPTigMwMpaSV_X94ttbtjE4KTQhOSVvwwDeGitistny2Om_gMWfnBB_dEmN1u-vlK5A3b9TPWfABbAioDF02EDFU2LypZoVagJ&sai=AMfl-YSwL02KLrJTzUQ6jsrhK9JEHK9gofapmTAJHvz666ptIlloZli4MBxL7wFwi9d4FC7ktuWV-846qWD-AvRMA6uJPx1ZzRvZAovgxRm9GkJWOMEYCwFFrdiPIMi_OpOu5PuCSz4iaxAIA_EUElgK&sig=Cg0ArKJSzM9JN2Sd7GEuEAE&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=248,915,1003,1003,1003&tos=248,667,88,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170649320900&rst=1706493209528&rpt=461&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 895F 42 B
64 B 153ms
152ms Fetch
image/gif 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV39lE_WJbeyFjzQsXvWAD8s1WrTHAZ6eDNgGsSYCIjasSsSXvyCUWYMLoqYy1kp-lAorvPFJIelcIoAUrrU0vlHE8m4NA5EmYPXSY982astOIyG4SwLo_FISxg6cZRuPaN-9ehQ9srFT1vg1D8MimP-y0&sai=AMfl-YSo5MKElBz9BR5SqmWfVLG7POseM7M3yM0mbEPaE5Z3Tbbj-DyDOjsh7_Uv4VxR-YEcFt26eJPIhtP0_zn27Hh7-ZSUJBtYzTJHo3hVS8xbyuCaXljxPHJHjDuEJ_gDP49X-PPbxnCzqBGhKg7h&sig=Cg0ArKJSzJDMs1xbF1JDEAE&cid=CAQSTgAvHhf_lYpU4oMlfWUK_h_-sfD5tMfFgixbt3UHwFcplK5RhkF93pbHWnm3W97F0Bvmg0KmXqiRWpjQRYzrYlb1S7yJcpol1cXwDdVbfxgB&id=lidar2&mcvt=1000&p=-72,0,428,200&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170649320900&rst=1706493209523&rpt=527&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F418 0
54 B 125ms
123ms Ping
image/gif 2a00:1450:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lry9zwac&c=42158023345&slotId=21079011672.5&qqid=COOVj8y-gYQDFdYOcQodoIYL0w&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2086&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1dp~atrd.1dx~vil.1tc~vfl.1ww&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 01:53:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pagseguro.uol.com.br/	1970-01-20 18:01:35	Name: __cf_bm Value: SqvHq2ic5TcHOpSEnOn4GaVqslmbwX84YKLIw74c4Uw-1706493208-1-AcbAlGGEfgOtAkAoH8iMpkKL/WVxtohawIOj/fQawBzf3W72Xpxxy4ITyV69BXbBMp7I1Mk+jLGkYSOOdk/FtDU=
.mineurl.top/	1970-01-21 03:37:33	Name: _ga_4T622S33TY Value: GS1.1.1706493208.1.0.1706493208.0.0.0
.mineurl.top/	1970-01-21 03:37:33	Name: _ga Value: GA1.1.1873655300.1706493208
.mineurl.top/	1970-01-21 03:23:09	Name: __gads Value: ID=f11a1417c4d02bb0:T=1706493208:RT=1706493208:S=ALNI_MYcfDmUn8-sO1CnROV_QZib4qQAfQ
.mineurl.top/	1970-01-21 03:23:09	Name: __gpi Value: UID=00000dbac3752453:T=1706493208:RT=1706493208:S=ALNI_MZ54tah4OCwukRYjTEUeDl2tFPWlw
.doubleclick.net/	1970-01-21 03:37:33	Name: IDE Value: AHWqTUn4oQS1C_ObowpQ5fW4CHIN-gNH49UfrDroAYzNneFSSPofxrs4g7ArYrvI3GY
.doubleclick.net/	1970-01-20 22:20:45	Name: APC Value: AfxxVi7oR3ALy8SsbS2GBuKGi2Z3VnuFdJSO9aBieqT2GbxrdZdf8g
.doubleclick.net/	1970-01-20 18:01:36	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 20:11:09	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
mineurl.top
pagead2.googlesyndication.com
r3---sn-ab5sznzk.c.2mdn.net
stc.pagseguro.uol.com.br
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.17.254
142.251.179.156
172.253.115.155
2606:4700:3030::6815:3b8f
2606:4700:3031::ac43:b34a
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c07::61
2607:f8b0:4004:c08::6a
2607:f8b0:4004:c08::84
2607:f8b0:4004:c08::8b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:12::8
2a00:1450:4006:810::2003
07340ec1a9fd2f942985c4b1a51a634f3506109ef09bf29075dc5cd0a22484e8
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0def687e610a19f3cfc1c6b4a009ca7ab4f181db969af2bc1fac9cce3e787f07
14a215bfce939ca17d61d3bc341a11b8af1ccda7d413eda31678fe6dcc7f695a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18469d6b7581c5a92b6d05ca377d689d30ea9941e6130800cd014ce3baa0f82a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
25dc2125cf81f1b549c8a635e0455db535f1870b17eade78841845c9db7e6bee
278224323ee2965894e25945bfe5999d1e822849b8f21f0d8d4c4963b7289543
28c9db225d84a110c587188509388256bb0e6b15e12e9f6483c1bbab91c7ea45
2bbff4ee25288136ec00fce6f34e950ae9e5e2e1e7a312960a7bc0f05c346996
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
48afc21e55231f6f9f111d8ec9b8fe8f29c7f587a61b1666d4d5a1aa98f3e9c7
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
59b216704a8a1414bcffc5fc179c000878f701465934c04d4ce311422857ac7e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e007a47681a3b2f7d2d81900fba18c10c8b79a5ed8c8ff095be710a6ea33c0c
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c2ec9602be045040cd3507d282ad447a6d4fa12cc53d596017334bbbf146340
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
812d569c68f60ed928bcc31471fe24c76934342ee460ca5a671c715ebc8f5334
870f4d51610f5b023eb5a5e072d1b983db9d598448500a1649acf938d440c937
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
923202469c3e13b852299228081d602c5659ce4188dc34115dcde438c86d506d
94de6f24ad20f7cdc83bb539aed4f9b61abaa96f0cca7dbb820e388f21705cef
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b7afe9da7aba5fb45cf952938a159366f70379ffb0cbbe8559335632d2576fd
9b7b377287a15a6b8bfe2bb4705907826ede80c1bfecf10b628357a7bbee2e3a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a8fcf6605dc44f9b2b7cd65ce594db86a9f7a06f3efc07a984148c8ce388ca30
aa7d078c277af5c39ce6932f9e1f7eea186082f538c0e29dd8af18ab034a8a5e
adb04ca2710ac6e54ef209c03161c9a15ce112a698a867ec3b2a5bf292ac9531
ae866dc68beaff65025adab8f7264392516cd4462ad3e3209b0dacf639f01fbf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0538d79df0e4e27bd6ae05eeb8845c58fc43ff1e713cdd0efb803bf842ce341
ba259c76767dde47e6e21ac0ac46f6fb60bd6322dfdaf0d776732f38302d1c8f
bb715fd3096c0720c2cf46d2d2518cee18f485af79925620b037991c49cb90a6
c144c3ab0d59bbb8a6ee6b652ff4c550c95d2d9c15edcfc6266b7c4f992f33a9
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
db8a147fbfdac0d117fd64322421db46c65eb732ca57af6db58581c680e51b99
e21188a338bb6fa890b7b331f4d61d5768d002118d14d43c36f9ee396a8c17a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ec1ddec69329ebd49ac69872919dd884ad6dc48518f96d2b908ddb53245c6096
ee13cd0d42aec7c05eee806ecf00755e14fcfdf10d865758a0171bb8420d8560
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f183a43514ef43593f942544c540595c583fadedf022fa06f79378be617ce2cd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68f61962752a66090610b7b4db84458f5248f76e2a493a3347a89b387760dde
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

mineurl.top Open in urlscan Pro 2606:4700:3031::ac43:b34a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

96 %HTTPS

82 %IPv6

12 Domains

18 Subdomains

16 IPs

3 Countries

3874 kBTransfer

6920 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mineurl.top Open in urlscan Pro
2606:4700:3031::ac43:b34a Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

96 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

3874 kB
Transfer

6920 kB
Size

9
Cookies

123 HTTP transactions
4 data transactions