suip.biz Open in urlscan Pro
185.117.153.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://suip.biz/?act=urlcrazy
Submission: On September 19 via manual (September 19th 2022, 9:01:44 pm UTC) from CA — Scanned from CA

Summary HTTP 192 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 192 HTTP transactions. The main IP is 185.117.153.79, located in Moscow Oblast, Russian Federation and belongs to I-SERVERS-EUROPE, CZ. The main domain is suip.biz.
TLS certificate: Issued by R3 on September 2nd 2022. Valid for: 3 months.

This is the only time suip.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.117.153.79 185.117.153.79	209641 (I-SERVERS...) (I-SERVERS-EUROPE)
28	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
34	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
47	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
3	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:820::2006	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
5 8	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.186.7.121 54.186.7.121	16509 (AMAZON-02) (AMAZON-02)
4	13.226.39.45 13.226.39.45	16509 (AMAZON-02) (AMAZON-02)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	23.195.101.76 23.195.101.76	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.164.124.73 18.164.124.73	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
192	24

3 185.117.153.79 (Moscow Oblast, Russian Federation)

ASN209641 (I-SERVERS-EUROPE, CZ)
PTR: suip.biz

suip.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2607:f8b0:4006:824::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:820::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:824::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2607:f8b0:4006:80d::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:809::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:820::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.184 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.7.121 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-7-121.us-west-2.compute.amazonaws.com

scotiabank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.39.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-45.ewr53.r.cloudfront.net

secure.jdn.monster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.101.76 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-101-76.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-73.jfk50.r.cloudfront.net

securemedia.newjobs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2004 (Rockville, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	876 KB
44	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	288 KB
24	gstatic.com www.gstatic.com fonts.gstatic.com	314 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	205 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	393 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	6 KB
6	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3603	73 KB
4	monster.com secure.jdn.monster.com — Cisco Umbrella Rank: 76958	8 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 396	476 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	suip.biz suip.biz	35 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1077	639 B
2	demdex.net 1 redirects scotiabank.demdex.net — Cisco Umbrella Rank: 49656	2 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 13421	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	newjobs.com securemedia.newjobs.com — Cisco Umbrella Rank: 59333	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	694 B
192	19

	Domain	Requested by
47	tpc.googlesyndication.com	googleads.g.doubleclick.net suip.biz tpc.googlesyndication.com pagead2.googlesyndication.com
33	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net suip.biz
28	pagead2.googlesyndication.com	suip.biz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	fonts.gstatic.com	fonts.googleapis.com
10	s0.2mdn.net	googleads.g.doubleclick.net suip.biz s0.2mdn.net
9	www.gstatic.com	googleads.g.doubleclick.net
9	www.googletagservices.com	googleads.g.doubleclick.net suip.biz
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
8	fonts.googleapis.com	googleads.g.doubleclick.net secure.jdn.monster.com
6	mc.yandex.ru	1 redirects suip.biz mc.yandex.ru
4	secure.jdn.monster.com	suip.biz secure.jdn.monster.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	suip.biz
3	suip.biz	suip.biz
2	www.google.com	1 redirects tpc.googlesyndication.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	scotiabank.demdex.net	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	www.google-analytics.com	suip.biz www.google-analytics.com
1	securemedia.newjobs.com	secure.jdn.monster.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
192	24

This site contains links to these domains. Also see Links.

Domain
miloserdov.org
suip.biz
w-e-b.site

Subject Issuer	Validity	Valid
suip.biz R3	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
secure.jdn.monster.com Amazon	`2022-03-29` - `2023-04-28`	a year	crt.sh
*.newjobs.com Amazon	`2021-11-01` - `2022-11-30`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://suip.biz/?act=urlcrazy
Frame ID: 7C683CE8CF1ABA85D89096889901FA4B
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: C9E34411853915C10C3E2DF1BF89B7C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&adk=1812271804&adf=3025194257&lmt=1663621297&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297577&bpp=6&bdt=185&idt=150&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5277382321907&frm=20&pv=2&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=169
Frame ID: DEE56552C0D6AE1648B85034AB23C7B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2622982514&adk=1676129346&adf=683863926&pi=t.ma~as.2622982514&w=1200&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297584&bpp=8&bdt=192&idt=171&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=72&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZoOWXmaG5h&p=https%3A//suip.biz&dtd=176
Frame ID: 82621BF88287223242160684E35B8E11
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169
Frame ID: D2AD4CCC476593F0E9CBAE5483BF53D0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7298954118&adk=965596250&adf=3267455832&pi=t.ma~as.7298954118&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297616&bpp=3&bdt=224&idt=168&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=snFVG6YbJp&p=https%3A//suip.biz&dtd=175
Frame ID: 354F289D6EBD60CD720E703DBB4C1AB7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
Frame ID: F890410C7352618A227F3F2682A2B295
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=1426646486&adk=1103978254&adf=2595299518&pi=t.ma~as.1426646486&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297621&bpp=1&bdt=229&idt=182&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GYmvzuDlDn&p=https%3A//suip.biz&dtd=185
Frame ID: 6D7819FA1289BF2E8D237FA05C4A62B3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8775687317&adk=1372030896&adf=3049809681&pi=t.ma~as.8775687317&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297622&bpp=2&bdt=230&idt=188&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=8OoxCGBay0&p=https%3A//suip.biz&dtd=190
Frame ID: 0342D6A3D406E6FC6678550C96BBC848
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196
Frame ID: 15347E24CF17DFA142800991DD859EC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJK1ibVFuTq7mpcJjOZQxJbdaNBsz2zoV75mhYqfYJ4JFwfsjNqlMCG5IPWwpOAsq5P2nmcakJo7mifz9aBNs7lejw9samCpJuV5CBCLzg-SYZ21n-zBN30nVpqqsXpYyFg-cLAeSD7xTyWBo2LJrfiQjXAw3d1aFOznMVHQvXqjhd_XPlfBP-2uEVd8HId7U357lbDNTMNmA2ky5g4YjkDsmF8XJmUcCiB4C8mG1psBG5tYoxtSHCHC8WAIGb57BHon9x4huFS44W221usBU-cxsx5Zh3TwGfj0ZPy0CjAhn3N9N2Zxg-PCxf87TgbsApJIrFW0yqhw1Rr2kV6Dw7ACrCoyEXq8B3EZVvm0pybbvIKNnbKQd8e_gM3B9uArdPv1OMuvXo9Gf1iuwBGwQ7Sd6lfELqGo6ZHpLNoHPMKchPEJU0E4LjFfztgsOtA2Gzk1OP1ZHOlS4bX-mPiw4l4VTadXA3l4svVijtatHMGrMDjAjcGvFTXz1SYGb3JXNJNIExzIfbnSr9dAIurQI3c-nAy4hZeTaJDKWPKKm-u4RVCgHfru1ccczUC-dvKTvO2tM_EuPGFpYhYFzCvkT-AEE8Ki60ewpPq_JSKbMLV7WZOeDOQ9mqmXY5B-DdTyiXLxKUZOMPGTe1ytrPRl0SsJrjcPxbpBzqUN17clr4d35jKxTwH2-1QSWk9d5ZNQ9b8xnv2QCq_B9HVPnQCzNBkelSYog7qcZ351QDlZFSMtuRIQqrx2152TOsclF0wVTnRY0bdsVu2Agk9EV-AKss3JOdf37u9koPqpt1TgUKsDe0ARcFQ8JkTdvO2iikJGM4ubvE1f2F-DCS7E75OgMIZlIghx7z9Yx9n5q-bL_ufFt2fGXJLaKhS1AIyu-7wWpFAyb1FX0hc_xBkm6nA9F2fco1AShXTbYsO_cZXdgdZx5znslenJXrIwKpbtOp1dPWD62G1BqM5LkV5aaP2VduFxuw8kqM_D3vqv_7x4hEGpYQJP0to4Ju2EChEsgzHYKcgf4HJeH9zr-V5pwa6g&sai=AMfl-YQS0Ve8OQYWvb5tkTa-NiSw00rJGxV3dkEI9a85kARVd2ZA6vByGo4UAQ&sig=Cg0ArKJSzEX4F5RTD5PxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 96833C4F00DF269897CDE59932D905D1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhDt8V8Y86CdyAEwAQ&v=APEucNU3HNAkO3YMDzpw-oDwc3-TJ654w7BfpSMBpNlpkxP_4hp92bHJdvceZvx1Jsw6h4mtEtF36OaNg6zwm1WKjwQtntYXzw
Frame ID: 47432932F548088CE84FC764EAE42B78
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxkHEByibrSRyqNoMPLARsAX82hj-3hWYIPT2g1RKI79E5NiNuSCXQPGMlTrXOiePdfrHlYohVoalozSJPXYhtqqAQgg&cry=1&dbm_d=AKAmf-BcV7Qc2NOYEKWzDaSgo3BJERBddHFDECqTw1rjU2aNQzTmP2ChRxqE2ZZ2ttuaOU0AZ-on1Vbt4dJ-fkAG3hzehY3FpULnFpPl549NS5bGPHhaIgqpMa4q7kOnepy825-pz8f-GcWB7wLstHn7P9BTMi_4Z7lvEkZfiP3nnXtu5JpQfUgqvR0qJOlV7UMk2Phx8zqd7prp5J_J5ufPSuxZMOwatbwzdB8wz9yOO2JbLylF94_vbkP1CJnI8vQ5fxjr3GF4BNlHwPgRToUEkoaUiAyvFwUmqF4q8_GKfyctIQ23zuOFeFscU2tZnAeylZtiLJbZw8WZsI8_0dunSydywlZDOFWJSnmvG7HnQILXT-90ZKFxHzT6XTb3wBrO5rFEV-8E9FvxuQYYje7Ixj2HsoplHjUVuA78E3SdNUuGz4fiGjO6tiPPU1ixKeNPdhQEsXqipSWotJi7h0Jb6ZVN7omshxPETeVoGXs78PD8xFouGl05orCNxDe3x_uAaxl2RdGShaa04SexB16GgLGnzSy5GT5s_IQ_NYKVjwD9HTjsrNlDazT0-1U9RQHPaTr841i1I0CF9FujnvsjhOLgm2MGmKwrQvPr9ed37nepL9JqCsVLuiPnZAyyVie_NNtiM4ofFPKsxFZgfPcY2jmM76MlCNBSNSGRi3Qx7RJBF57MmnwrP6EKBV4ChRqt_00BFJqkc-piPbTfJfxMt9mmmOYN94AuA_5yL8_nsZabk7wMzklruvR7998dAN6ZfwaOeBBPt4HDNWrHirM9XmL72Z5n5vMEu6r_IOu8sPQpV1_LrnIKoSIAR2jEBty0RxDQF0RANFUl6X2WhyhwUmXxHq9Nev4_RimEQ-_y7LDjIWLRgHNFfTwpgq21JVb62FTeLBVd1tQdAZhumeWPq2SsCXUAeWkkpQkpOKvoRYkU_8uaT0R4AAH1S7nyzH2DhO9vSLEpNWyWy0M8S0bbyMLkaMmI8knxnNKERVTmIM69geT6dTr_blWqCuExGl497cymC-ysarqQYsXKIIPm51ABwknAfay6kmDdqN8Xowd4_YmESoyQVwFCTZ0rHg1FQZ403V_jU4Xwvt7HMT0N1a6z_WUTzY5vOTtQRfNEHBnTDwB5C9Mvk5GJQu0kZYKena6MjWqh2m15Pw3aSWJbPfgVws3ZKGumEqTpFJHKxCiplkj3uLnPKkORTr0W9xxUwyeVNUN_EARcxS0Bts-IXVD3vGtR8EJqtJ7aVQYHjAZFhvaisT8n2Cu_3ZamCh4YuCe9bXWnqBqAbDs9np-wTiNdAnqKINbHUVzm6j9xEWXlQi276Mh15PIvIgOxwRRh3xaEZJfGhcgyiliPtj3GPCgTTPzUgjGCR6T6i8f57PCjPDdVmapNkWkoJkyFa64Usn5HT6_MY9EdJAYe9C0tO_H87CewhefvkjUd0dkTH9KQXm3ePQ8wIRRKDWVLrfdn_LbNXxgr1LFanLynIoI07jiDuJgCQwKEhJRW1J0fc92v18cWf_FQEypIA6Qbrjil4NbL0VFpvnWB9wHnIdEOiOLsAR0nJXXf3Ekjy2GSduTnYR3Sg8dZJhMYK1zffzrXpbinZBw3hv2K4W-yXf3mQuasU3swnqabmkE3uyapd7jgR4CQOFfFACPJkSQaHf_stWpi-fdnOvTyzUT1wsLowER_Zi3mPeTC9vXIYeQT8I5GZLDPAU7L9ZHeeNbTCDhuA5ZtiDnZ0h22mXo6fsB2YzKSdND5V56aF5UUb49cUHkVZO_peWR6Ma8njRZTADGziLYUoI6PawrFcPxioqLYCYfRDYR6vC2sr1-Bf55ZzarMzluTB9zM8lxso2PFVL5W0_CCb_XG3VJWbercf_Hfm4P8ic7ix-hfWFVuQdD21CSMTVKaVccbSxFqtBz8u2WTdQYpsbST2WuJqSidFQWW7NVbGA_NHCkD1rKTpAa0gwpKuYGF4bYqcbc56p034zsH1HGb8FoP9bYN5VbAfYBe4_OUQxM7BgRvW-HfkUF5qUtcRDYg8Burhyr3FdjmV8yjhN0PUttED0cj61akIPVj_acqIGrMDcp1QC3PJKoZGxC3vsYDmLZDDH1xhU7jedN8GVxVKNzRafhTE7B__pzyKgdBfGSXefFaR53tpMLAthRDZfMxy5qsZbliWQ_hEj-skP-JsMiDhdRxlINzGZFtdWg5YEUKZXqr828YCIGZ8LelHeyJEQC6-P6H9DsR2SOiSDOFfy3mIBZyN_MvtB2l_57-8QReONwFJw5PCInRX8oGf_2SZHjBQp8mtxv6TTHM6QFZxKfyY69bCIiB6GmnBWDyXxwBjizKUjQdYAf_xo_oFePxruuOyiCQtE-8AA0tZymw1f0xj7UOqDrmOFJBdxjqcuugADfRFoprkk1oyp1_PRJ7PvsPsl5SOGmrIXHFMLZOGUljGJfwCDERvtC1rRxdo4ZpV-y19ZCgAeoET_EAVkoUWjYspwnQAoKvArI0InuDO7y-wJnsCV3LLnBxkPSJVuxCqtZbrJDEJHxX3jSO2o-KXPqbIPNXF8L8w5djg8HyRnDGj67bzlgELwgQshBV8Gq8KinqbAjOls8B-zspD_Psqq-mlDTKlUzG6UmhwSmfFwakrUA6X7SZDnolVwR1pW7jvX-vL4W_8gnWddCt74CEQzGLGp2Jsfqgj-ZnWPIn1toUuRUzSp-gBMc_poReULGp4ZVGUBiErzMlFeRS7-oj20LnTCTlCUiUqguZdQc4nFdQf9HN992DeKxhPG6FRyZhsMsI8Subczz2vtORIna2CIv7Epc5-xsnshIf_MrzXONjLPuj28ztTvFsbK9rSzpY5mgZ9gBPHhCBzM_vvukK8tCJAP7saDBJQtcAZ3VRYLpP5KC3d_-gR4VSEjH9py8TQP2KuZFVhRKlP-xz7V6oMPXq4oUdw5k5_njvrHkf3qjou-fm-_uwoQM7l-ZthTK4FiQUc60QmN3ql5NdnIqp7xFLEsiSzv6ZjorBy28DbAq4WljKUylJ3X2qO67w8pNqew&cid=CAASBORoCPk&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240
Frame ID: 71E5A5E036C2BBA16509BBEA6EA13AE1
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 825695F0F55A8730E763D3E2E9E197E1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7B22E4E1DAB2D8C67F86F363DA872087
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A40B322A0A454C1899064884E6B2A83
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: B040BB581638732E44C8D942A1444EB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: 2D7EA7EC59B28D3C60A0D1A824750D00
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: 9D00AB896EE16AD00A32BFFF89E13C35
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
Frame ID: B0AC49B44D52146A626710D925E6BBE7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInEqdwCEJ3Xv4MDGJabjsEBMAE&v=APEucNXJlHVrXoTw5nDa0loU0qxDZ1PjXgh87oyeFayJwKy3PQV5udbWpAzkSQJKfDQPPeIlUaX6oxlu84yCI0xPVRKHwOVtRg
Frame ID: 7C26EC1733407EBD616796B43611D09E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC5Sq5xannJVXUL7BIEPtxOR_DZfapkNQLbZbsGFvjGj4glXQzwefjcK6Q6JVtpPANGAiUUKhet-j6CXfLdm8UIr07xOv4h2TM7i3LpFUZFIcEsEh9ytb-OTDuNN8gmIGuZCK_-s44I2xegnG9HApan8RlQXNdzbtZaaJIyf6abldgLhU&cry=1&dbm_d=AKAmf-C4LTpy0AVz3SVoO9Pw3104tyK4KG7MmBidAhlCslTD-mjBT6SiqvQFHzfwo-ZKZ0hsspOGcjsd9vWcURE6mnOogctn_USK-eCxd-_enzwTSqrD1nMjaxrEYUhC12pKCS5ZCK85w4HLKd_YNT7yxWgLHzsvCf3a1aLT37WcLcAR9E7emSU096gHji0nQ-7Za1PRubpD6Yw-2NttGodun5aOdKId0ESPOKcn23POj7gcfU0IUKDYpj8crNPmFLZaSPEpEZ_jqrkPUCnfqev5J2YScQbR-FL7N0SmUEuDo0jwNvKWM7F9e2LN90RbqTzBN91b5AIj8LFaAFrUOORN8n81jRid3PULLUDDZy3qZYoh6MNQteviffkW5P1_A6g8Ol41mWTHzOYtDTymyxnKxSWqmyL-5jRZ-vlKv8wQZ2809Y8gwybp-60L9ZQd22R9a_2J49mSNnyO0IMs5wtv4LjMUDuu6iw4ctJE3fUvMben2sGkUzPzDBF_Yr-MxwPRwZiJzLQiMd9xbG0ELWbOqq5J_-pssQZMv1zC9DSaN-0koWKZABhNsuwVoSKLhlXBS6HOCx9qcrgphZAwDNzJLDJap7zIs568lz_f4-LTXMMKzGj12Z-qr2nLtKwqDAgINH0lsXPl4AXynYedsf3rppUMGnzui5gAq8jiMcAlKKxqms8yXeD04V3JHBqzB9vd_htTOJH1YjxOFSQP5c617NCKqBo2ni2qjFGe3RBEVG4Z7SY3GAlKq524E_yUY3Gi67xsltQbmQqzlKEM8goAQoNHxiWzcEskKDtSvEfB8vTWSmluU2DqVHhaoT6FxfTXul_OSJylhIshpSOPm7Pv_NNskwZvy1ew3rshNCukKKCI1z6Du3hj8iFUD4CDllDUT20ob_XLYsVwlzvovG7kCvp6axAYdWudc8EnDMQE-dWjJmMQQrQMpq4fIJK8GO9NEBhTPSNaiqdxiSQ7dXARLIXLZhpTBXvEKMOgsttQi2lxp42CioOb8pGAht8VoKj3Ka4cR-YqqXf9UIRQGjG5UitA60qtFtSTd_mGxrzCofTW4uFsBtV9qFab18bR_MIn5t9IFtQ_2h5rw9xb9NuQDMtkRI_OevZGi_5OSR-0y5HcAx7nzx7gPqygVki-2TArq7UO_Rev-MElI7UL7hTvToHZXNoCvgxDxKIEwsK40UIANkkjIFDgtvcB7phn7gpqRzUm2yAVWuq6oSLmZGsFUooVRPIIrybBuJ-6LTjXUzCaNWXfYLn0ZijhAY_L-rKvovmR_oTBF60CIuArF-JP9a0H7Te16w-KMmQsUBcuc2pRIHuNQutPTFTd6Px8T6MrnCFktAIiPQdRop-Wm209fXDfr4XjLt5BWteZ-X-NVCDVe-MlD-vobRH7RrfBPPbaP_Xb7v-WgG4SDMLlt9iEkGpomHnem-KpHuV6ci6aw-ESKZUH8EP8uFu_Hu0MgxS4pvTyhKg9aurg2LgH2UGLYTQhTAcVs82aZnUch-q0ONPWuBm9w03Jt18vF9U17Re13HDqtdlny6eNvy7tVWHN40hY_POV_GDyULmYBgB1MFd-67AmDnfw4RIA-HXXx28ilgOOn99kSs2GRFcN7MJNLDchRxtkLuxzR37Ny-K2zenwzHfvtpjC_tEnZP7Kt0WFm2c3ETCFjyjq1RLuadjoRbWP4KcILgUMBH5D4nvfjyLJR5I24mA33IZkEoU--YvMxNjV0rAGgEzGmNQafBsv4Jd6gBfdIP-yIv0xHKckVrexfS0QSgDPD3YW0UHo_P494F9azTrmZb1i2QUEUB0rl60TBG_b2YeQdgcamBndZSauXzAt6Gea-Jqi_bDTXPa6gVSgKf2cEbPINqEb-N49OpDqn8I6SlJ_76zw8Uh3Z4hOdBLHyH9ugdr71l7Pe1vZxHkiIheefPLdwXSQSUEQDHsCQk_Ildrj3WGOHW5bQg_EuCcj58-j13ZiUsGL1VDdukjI_LG4l2BsR5BbIY5fgkCUa9PEkibOx16_-O-q0Ur7Vp6jrl5Wf2cK8Lmwwa7n-xP0LAaTlQYFsN2-GKTQ5N99XtMXdTbZ0hCer558LQdG-ylsYfo9RV7K_y3in4uUc0uDb9D1Qx2_p-jaGvrwpEM-1mtmRR463uUK7SnSoWg6uYpiT7wcAufeQwpKENBQQHkxFwY1zqeqxsTA0LEKu09vSgnVWk6URp3CJppde8v_818VeccScLUpvyjcERm0n5L7fMZ4DSAv0aUSzYSgWTJcZhAtZUejMvRGtnihcOv7mr_Agggc-IRYqOgh4AuaazcqvSinsYEWIS2Btqdrj12lINT7TZS-NCID7jkmV25i9nOznXwLTfEpyiw_AH7MrfJwLXlPTjZM93zvMqMYh6xiptdvYC94nFBBfaR-km3ZG8JCR32QZJRV4k-08jEIgX2ueVemqEwOGejWqOLeYgxwqVULXdGjH4BqbU-lK1-e02atKybD6vHrxTf19JKjRE5LpOn7TZqmsRnn6GjKuaJs-upQIZlXDeN1CRzykDRzq2BXQKcFbswjZiaObjC_NteQi6H96G-W-3mbao1fApbBZ1kLo6YQGbmFBBEhfBemIC_RvqmjP4b8kKBLtMdfRMjt0HMHUrJ_J6pM3-1FJf4hx5VGY93Hlzx7VJOYZBvURk-i-udC8R9vQ1oIwjwDUpsp-1vCryWq4ffSdArGIjigm-JGAbxMNBwj5fKie2rrw_-VJjDcJDGr4JeCUCr9ykAweKA16pnpRirOPdiZM9pFEzsB7XQ-F1E6vMebJc6FJH93yTdTCAOG8PdUwrdOqsMoS4zhLTs2b1gcfqJKVOj_sq8cLVEGbJ3XL9DoSPh01RZlrKGarB6iQ1zcfMAHviDH99T0&cid=CAASBORo6aE&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240
Frame ID: 65A43FD3DC36DFF0F38B7FB1176E65FB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: 9DAAEEDAB9846CF1ADAAB6952D226715
Requests: 1 HTTP requests in this frame

Frame: https://secure.jdn.monster.com/render/nano.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Frame ID: 478CD524BADCE8585B4DDC7D34B63F77
Requests: 1 HTTP requests in this frame

Frame: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Frame ID: 9A9B670EC75C13BE08D345D49D27F7A3
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: DEC07A0E73AD8D8CD9F273B59672BBE0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67D34906324CC42E383EDB019662DEFD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87C01BF7DC7F90100DE6A8B42DFC1C3D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6CE6D5B465D472D7FF38A5DE32271AFB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Frame ID: A952673D2B2B48B0C867F2923778FF94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 14C00341CE007977C6AC14406CC84DCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B99ADED38BFBE2FB030F014012088E26
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Generate and test domain typos and variations online

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

192
Requests

95 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

24
IPs

3
Countries

2236 kB
Transfer

5174 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://miloserdov.org/
Title: Miloserdov.org

Search URL Search Domain Scan URL

URL: http://suip.biz:8080/?act=proxy-checker
Title: Checking whether my real IP leaking (it tries to reveal proxy)

Search URL Search Domain Scan URL

URL: https://w-e-b.site/?act=wpscan&color=on
Title: Black box WordPress vulnerability scanner online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://mc.yandex.ru/watch/35867470?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1611366020036%3Ahid%3A391129539%3Az%3A0%3Ai%3A20220919210138%3Aet%3A1663621298%3Ac%3A1%3Arn%3A383916409%3Arqn%3A1%3Au%3A1663621298871647716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663621296465%3Ads%3A0%2C622%2C299%2C1%2C0%2C0%2C%2C270%2C0%2C%2C%2C%2C1194%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663621298%3At%3AGenerate%20and%20test%20domain%20typos%20and%20variations%20online&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/35867470/1?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1611366020036%3Ahid%3A391129539%3Az%3A0%3Ai%3A20220919210138%3Aet%3A1663621298%3Ac%3A1%3Arn%3A383916409%3Arqn%3A1%3Au%3A1663621298871647716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663621296465%3Ads%3A0%2C622%2C299%2C1%2C0%2C0%2C%2C270%2C0%2C%2C%2C%2C1194%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663621298%3At%3AGenerate%20and%20test%20domain%20typos%20and%20variations%20online&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyjYst7aQOBuk2-0HGMlUgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECXF7kU6e125XRQ1qTnOGXc&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTA2MDU1ODk4NjM5MDYyNQ%3D%3D

Request Chain 125

https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865 HTTP 302
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO4I80QtnEG2ZVBRdJSqCA&google_cver=1

Request Chain 149

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmVkZWM3MzYtZDVhMi0yNGNkLWZhYzYtMjc2NjI4Njk1ZDQ4

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKp8-vmqPxYfdYVPsxoEfq8&google_cver=1

Request Chain 151

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWY0NzE4NTgtMDUzMS00OGNhLTlkNzUtOTUyNWNkMzNmZGIw

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

192 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
suip.biz/ 23 KB
24 KB 922ms
300ms Document
text/html 185.117.153.79
I-SERVERS-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://suip.biz/?act=urlcrazy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.117.153.79 Moscow Oblast, Russian Federation, ASN209641 (I-SERVERS-EUROPE, CZ),

Reverse DNS

suip.biz

Software

Apache/2.4.54 (Unix) PHP/8.1.10 / PHP/8.1.10

Resource Hash

1b744aeeec8c3bd4574c37d961a52f1ce1c3350a497084a822750581f2dafb2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 42478
Connection: keep-alive
Content-Length: 23916
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Sep 2022 09:13:39 GMT
Server: Apache/2.4.54 (Unix) PHP/8.1.10
Vary: Accept-Encoding
Via: 1.1 suip.biz (Varnish/7.2)
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/8.1.10
X-Varnish: 1648855 2133535

GET
H/1.1 200
OK styles.css
suip.biz/ 9 KB
10 KB 151ms
150ms Stylesheet
text/css 185.117.153.79
I-SERVERS-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://suip.biz/styles.css

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.117.153.79 Moscow Oblast, Russian Federation, ASN209641 (I-SERVERS-EUROPE, CZ),

Reverse DNS

suip.biz

Software

Apache/2.4.54 (Unix) PHP/8.1.10 /

Resource Hash

176841cb40b36e1aadc272c79f082b686852d1647ee6eb7575989bd797fadd38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/?act=urlcrazy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 17:29:39 GMT
Via: 1.1 suip.biz (Varnish/7.2)
Last-Modified: Wed, 22 Jan 2020 15:15:56 GMT
Server: Apache/2.4.54 (Unix) PHP/8.1.10
Age: 99119
X-Frame-Options: SAMEORIGIN
ETag: "25f1-59cbc00540138"
Vary: Accept-Encoding
Content-Type: text/css
X-Varnish: 1054639 65579
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9713

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 109ms
57ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c48decfa43192de394c8007ac08e18d92bc4f7cca27d1d9f3eea845c478627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58109
x-xss-protection: 0
server: cafe
etag: 9177553326839381983
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 21:01:37 GMT

GET
H/1.1 200
OK logo.png
suip.biz/ 1 KB
2 KB 144ms
144ms Image
image/png 185.117.153.79
I-SERVERS-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://suip.biz/logo.png

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.117.153.79 Moscow Oblast, Russian Federation, ASN209641 (I-SERVERS-EUROPE, CZ),

Reverse DNS

suip.biz

Software

Apache/2.4.54 (Unix) PHP/8.1.10 /

Resource Hash

b0857e2ca9f82dccf2c8a2953a4de4d52e9fb709e0b626a2ccc39c6a7208c9fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/?act=urlcrazy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Sun, 18 Sep 2022 17:29:39 GMT
Via: 1.1 suip.biz (Varnish/7.2)
Last-Modified: Tue, 20 Sep 2011 19:07:54 GMT
Server: Apache/2.4.54 (Unix) PHP/8.1.10
Age: 99119
X-Frame-Options: SAMEORIGIN
ETag: "5d5-4ad642d3ab680"
Vary: Accept-Encoding
Content-Type: image/png
X-Varnish: 2459695 65581
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1493

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame C9E3 10 KB
5 KB 77ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 19:30:24 GMT
etag: 9671129459699598864
expires: Mon, 03 Oct 2022 19:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc5f1654dfd8b458e5148b5eb32a7d40b48cf97d4420bee3eba7bed1db1850e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124737
x-xss-protection: 0
server: cafe
etag: 15858680885036841899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 21:01:37 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 576ms
285ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6b2adb58dec126d30904f23f5492657890b4fb76843b979c4d6a051d29a36b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-1196a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72042
expires: Mon, 19 Sep 2022 22:01:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
22ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2165
date: Mon, 19 Sep 2022 20:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 22:25:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 77ms
34ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1003148374&t=pageview&_s=1&dl=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&ul=en-us&de=UTF-8&dt=Generate%20and%20test%20domain%20typos%20and%20variations%20online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=111762983&gjid=1230712040&cid=973924687.1663621298&tid=UA-33093677-6&_gid=714925092.1663621298&_r=1&_slc=1&z=1603557321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://suip.biz/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://suip.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
694 B 106ms
34ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=suip.biz&callback=_gfp_s_&client=ca-pub-7219829351026140&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867b0484aacf21de70bfc23c0836b729e6cf92720f4486917d1761adc66037ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 92ms
41ms Script
application/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=suip.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
39ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=suip.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEE5 173 KB
48 KB 538ms
495ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&adk=1812271804&adf=3025194257&lmt=1663621297&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297577&bpp=6&bdt=185&idt=150&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5277382321907&frm=20&pv=2&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d79a6ecd4efd42d22e2a124d4305a7cfce8c84a9c022160caab2d4ddc3be603d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8262 79 KB
29 KB 511ms
482ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2622982514&adk=1676129346&adf=683863926&pi=t.ma~as.2622982514&w=1200&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297584&bpp=8&bdt=192&idt=171&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=72&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZoOWXmaG5h&p=https%3A//suip.biz&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

128a2a30bd3c13c715863e575195d93cefffa34b7dc2394e9d516cec7b3bf321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29616
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2AD 80 KB
29 KB 640ms
629ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eda605551b01686d9a6102289246a7a3dc194274d8e0a2a1cfddaf23b4bd367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29490
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 354F 79 KB
29 KB 378ms
376ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7298954118&adk=965596250&adf=3267455832&pi=t.ma~as.7298954118&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297616&bpp=3&bdt=224&idt=168&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=snFVG6YbJp&p=https%3A//suip.biz&dtd=175

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56822befb650282fd19e954e453d3faf3fe0c477213610a9f58e969e1604ca9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29550
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F890 160 KB
30 KB 455ms
454ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

165c8946a273add486b0c2a085108fca2503f44859c5a22c7a5e2b1f247761a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D78 79 KB
29 KB 394ms
394ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=1426646486&adk=1103978254&adf=2595299518&pi=t.ma~as.1426646486&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297621&bpp=1&bdt=229&idt=182&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GYmvzuDlDn&p=https%3A//suip.biz&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d4c4f20a3fb8034098760b7fb582cb302da9ecae2fd8eb858c5ed7623ac23bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0342 62 KB
27 KB 440ms
439ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8775687317&adk=1372030896&adf=3049809681&pi=t.ma~as.8775687317&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297622&bpp=2&bdt=230&idt=188&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=8OoxCGBay0&p=https%3A//suip.biz&dtd=190

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ed627c7b06f88a52e594847bbc054a082b03ce7e08b8a02433e40b32b51d8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27756
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1534 17 KB
8 KB 487ms
487ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22a97c8c5e7f9fe21412e38054dc4d9574679a2406e5c4699a6286eba64a5972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 354F 6 KB
745 B 87ms
38ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7298954118&adk=965596250&adf=3267455832&pi=t.ma~as.7298954118&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297616&bpp=3&bdt=224&idt=168&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=snFVG6YbJp&p=https%3A//suip.biz&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 21:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 354F 2 KB
983 B 99ms
42ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 354F 23 KB
10 KB 76ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 354F 3 KB
1 KB 126ms
75ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 21:00:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 354F 17 KB
7 KB 79ms
23ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 354F 141 KB
44 KB 120ms
45ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 354F 33 KB
14 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 18:09:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 354F 0
0 67ms
66ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW2yvsdgoY-XBMorbo9kPh7-puATj6ImEZr7psdfgDrjhta_kKRABIOqutydg_eiigfADoAGm372eAsgBCakCwuVMpovrSj6oAwHIA8sEqgTOAU_QuASU8K_Vqjsk6OsQku3w4-QfTEZJ0dUcL09PzIPHwKc2yN3qjeEFypoSAfwzwd8mld3RnWgLRMYdp5WOG_C_3UoxcVy_8JBDgeZLSkIGivMEpjRIm2U8yxth1aHEiprKZIDmu3bwctqIKHx1cJ7BP36K4Sktjr_gNjxutNFWAvyx542AEs7olgeYiMAEsNjfHOvwwEx_9b_UhMQUEqKBEn_lCvlwWjgNAsVTRBhl4wJTy5wgI1lCHmB81lFIyGWV4y544U5E7PczvxGvwAS5_MmM2AOSBQQIBBgBkgUECAUYBKAGLoAHwqDC4QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDSlxfSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMCiBQB0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=a5xje4IhL3g&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7298954118&adk=965596250&adf=3267455832&pi=t.ma~as.7298954118&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297616&bpp=3&bdt=224&idt=168&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1021&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=snFVG6YbJp&p=https%3A//suip.biz&dtd=175
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5460325400034858808/ Frame 354F 55 KB
55 KB 103ms
56ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5460325400034858808/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa43001c2eb32f850ddf77096f4e3e78255e8eafc5d41f28b4d06632689d79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:26:16 GMT
x-content-type-options: nosniff
age: 560122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55875
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:39:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 09:26:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6D78 6 KB
1 KB 47ms
36ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=1426646486&adk=1103978254&adf=2595299518&pi=t.ma~as.1426646486&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297621&bpp=1&bdt=229&idt=182&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GYmvzuDlDn&p=https%3A//suip.biz&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:04:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6D78 2 KB
936 B 94ms
76ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 6D78 23 KB
9 KB 44ms
26ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6D78 3 KB
1 KB 57ms
43ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 21:00:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 6D78 17 KB
7 KB 58ms
40ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D78 141 KB
44 KB 108ms
72ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 6D78 33 KB
13 KB 38ms
24ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 20:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 20:40:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D78 0
0 67ms
66ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CptlcsdgoY8q8M97Mo9kP4cSIuAHj6ImEZr7psdfgDrjhta_kKRABIOqutydg_eiigfADoAGm372eAsgBCakCwuVMpovrSj6oAwHIA8sEqgTOAU_Q7GP0vITitSAcMeb2Gn-Lgah88g_8jeENxd4gpr1nvQAEoriImwb3rN4gFBPjo3NrjXeQMkI-n6JtUUJLqIHVmWpXCJfodauNsT7p17EyWcKF9zMBKfsHZID2JQ037os85XfL4s_CfOk3lVNEDraG0VWJr-VV9XXUxxvEQk4Rqws46LUdNCDQXY1xDC8UrvCTMWullG9Udk-8ox9Q6qTmu3Ce3S7umaicK1Ac9JXu76Gy2ixOC2oaPaFfRonor3nf2gAhMkPtGZsDOgR2wAS5_MmM2AOSBQQIBBgBkgUECAUYBKAGLoAHwqDC4QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDl7QHSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMCiBQB0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=YQ-BgkBEsiI&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=1426646486&adk=1103978254&adf=2595299518&pi=t.ma~as.1426646486&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297621&bpp=1&bdt=229&idt=182&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1831&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GYmvzuDlDn&p=https%3A//suip.biz&dtd=185
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5460325400034858808/ Frame 6D78 55 KB
55 KB 48ms
44ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5460325400034858808/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa43001c2eb32f850ddf77096f4e3e78255e8eafc5d41f28b4d06632689d79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:26:16 GMT
x-content-type-options: nosniff
age: 560122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55875
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:39:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 09:26:16 GMT

GET
H3 200 0cf29303bb18303a156bc2ce1c098e89.js Show response
www.gstatic.com/mysidia/ Frame F890 10 KB
4 KB 62ms
20ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0cf29303bb18303a156bc2ce1c098e89.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 18:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 23:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 18:17:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F890 8 KB
716 B 94ms
51ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:18:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame F890 2 KB
902 B 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H3 200 92e787bb80be47dc2d4be411f9ad030a.js Show response
www.gstatic.com/mysidia/ Frame F890 22 KB
9 KB 64ms
22ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92e787bb80be47dc2d4be411f9ad030a.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d32cf46a6c5287996c92c8e60d367b6cdf01186027fc0281dabedeffccbcea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9388
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 15:30:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame F890 23 KB
9 KB 66ms
21ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame F890 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame F890 17 KB
7 KB 81ms
37ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F890 141 KB
44 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9683 0
0 107ms
50ms Fetch
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJK1ibVFuTq7mpcJjOZQxJbdaNBsz2zoV75mhYqfYJ4JFwfsjNqlMCG5IPWwpOAsq5P2nmcakJo7mifz9aBNs7lejw9samCpJuV5CBCLzg-SYZ21n-zBN30nVpqqsXpYyFg-cLAeSD7xTyWBo2LJrfiQjXAw3d1aFOznMVHQvXqjhd_XPlfBP-2uEVd8HId7U357lbDNTMNmA2ky5g4YjkDsmF8XJmUcCiB4C8mG1psBG5tYoxtSHCHC8WAIGb57BHon9x4huFS44W221usBU-cxsx5Zh3TwGfj0ZPy0CjAhn3N9N2Zxg-PCxf87TgbsApJIrFW0yqhw1Rr2kV6Dw7ACrCoyEXq8B3EZVvm0pybbvIKNnbKQd8e_gM3B9uArdPv1OMuvXo9Gf1iuwBGwQ7Sd6lfELqGo6ZHpLNoHPMKchPEJU0E4LjFfztgsOtA2Gzk1OP1ZHOlS4bX-mPiw4l4VTadXA3l4svVijtatHMGrMDjAjcGvFTXz1SYGb3JXNJNIExzIfbnSr9dAIurQI3c-nAy4hZeTaJDKWPKKm-u4RVCgHfru1ccczUC-dvKTvO2tM_EuPGFpYhYFzCvkT-AEE8Ki60ewpPq_JSKbMLV7WZOeDOQ9mqmXY5B-DdTyiXLxKUZOMPGTe1ytrPRl0SsJrjcPxbpBzqUN17clr4d35jKxTwH2-1QSWk9d5ZNQ9b8xnv2QCq_B9HVPnQCzNBkelSYog7qcZ351QDlZFSMtuRIQqrx2152TOsclF0wVTnRY0bdsVu2Agk9EV-AKss3JOdf37u9koPqpt1TgUKsDe0ARcFQ8JkTdvO2iikJGM4ubvE1f2F-DCS7E75OgMIZlIghx7z9Yx9n5q-bL_ufFt2fGXJLaKhS1AIyu-7wWpFAyb1FX0hc_xBkm6nA9F2fco1AShXTbYsO_cZXdgdZx5znslenJXrIwKpbtOp1dPWD62G1BqM5LkV5aaP2VduFxuw8kqM_D3vqv_7x4hEGpYQJP0to4Ju2EChEsgzHYKcgf4HJeH9zr-V5pwa6g&sai=AMfl-YQS0Ve8OQYWvb5tkTa-NiSw00rJGxV3dkEI9a85kARVd2ZA6vByGo4UAQ&sig=Cg0ArKJSzEX4F5RTD5PxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9683 41 KB
15 KB 74ms
50ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 10:05:01 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9683 34 KB
14 KB 51ms
28ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8775687317&adk=1372030896&adf=3049809681&pi=t.ma~as.8775687317&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297622&bpp=2&bdt=230&idt=188&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=8OoxCGBay0&p=https%3A//suip.biz&dtd=190

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb8013fc433650a8e86b28460667840984e2db960ecc982b0427750904d56235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:57:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14174
x-xss-protection: 0
server: cafe
etag: 6551015277543730263
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 18:57:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9683 3 KB
1 KB 72ms
50ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9683 17 KB
7 KB 60ms
38ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9683 141 KB
44 KB 55ms
53ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 9683 23 KB
9 KB 47ms
24ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H2 200 09162022-102757272-2022_09_19_DCM_Leaves_160x600.jpg
s0.2mdn.net/4354313/ Frame 9683 54 KB
54 KB 67ms
20ms Image
image/jpeg 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4354313/09162022-102757272-2022_09_19_DCM_Leaves_160x600.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb862f0a976cb5d8cf85ff6db4ebd7b7cfa73c8479bea772a4a006b712f0a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:45:10 GMT
x-content-type-options: nosniff
age: 988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54888
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 17:27:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 20:45:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8262 6 KB
672 B 41ms
41ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2622982514&adk=1676129346&adf=683863926&pi=t.ma~as.2622982514&w=1200&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297584&bpp=8&bdt=192&idt=171&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=72&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZoOWXmaG5h&p=https%3A//suip.biz&dtd=176

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:09:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 8262 2 KB
902 B 49ms
48ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 8262 23 KB
9 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 8262 3 KB
1 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 8262 17 KB
7 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8262 141 KB
44 KB 105ms
63ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 8262 33 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 18:09:39 GMT

GET
DATA 200
OK truncated
/ Frame 354F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e68f69aba735276e37edd52201cc5d5d1df9357c69128ab42becdefcb53f61d0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6D78 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5b3c3baac38f92ca58c397f8dfaf014446a08934aed22df8bf61d63e6fd6565

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.ru/watch/35867470/
Redirect Chain

https://mc.yandex.ru/watch/35867470?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3Aen...
https://mc.yandex.ru/watch/35867470/1?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3A...

420 B
501 B

151ms
151ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/35867470/1?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1611366020036%3Ahid%3A391129539%3Az%3A0%3Ai%3A20220919210138%3Aet%3A1663621298%3Ac%3A1%3Arn%3A383916409%3Arqn%3A1%3Au%3A1663621298871647716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663621296465%3Ads%3A0%2C622%2C299%2C1%2C0%2C0%2C%2C270%2C0%2C%2C%2C%2C1194%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663621298%3At%3AGenerate%20and%20test%20domain%20typos%20and%20variations%20online&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

23c342c7c7f09cf0945f576575fb280cf9449112dcdf21cd969476870b012064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Sep-2022 21:01:38 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://suip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 21:01:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:38 GMT
last-modified: Mon, 19-Sep-2022 21:01:38 GMT
location: /watch/35867470/1?wmode=7&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Afp%3A1147%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1611366020036%3Ahid%3A391129539%3Az%3A0%3Ai%3A20220919210138%3Aet%3A1663621298%3Ac%3A1%3Arn%3A383916409%3Arqn%3A1%3Au%3A1663621298871647716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1663621296465%3Ads%3A0%2C622%2C299%2C1%2C0%2C0%2C%2C270%2C0%2C%2C%2C%2C1194%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663621298%3At%3AGenerate%20and%20test%20domain%20typos%20and%20variations%20online&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://suip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 21:01:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8262 0
0 73ms
72ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyrCwsdgoY9a1Mv3po9kP8N6B0AHj6ImEZr7psdfgDrjhta_kKRABIOqutydg_eiigfADoAGm372eAsgBCakCwuVMpovrSj6oAwHIA8sEqgTPAU_QewB6aHkWbkm3VZzJPXdsvJvYLQkp7biUJhwRBAp4Mhi1Fj4b19lc7EIVEp_c2wGoglxnR8u8dGTfcjojrMWQYv4x8JTJPODH_2HfdFtgf_-Kgjg3D2fuXs1D6JP8p2xZFbu4HaCnO8jO_35JAOF5nML4gq8fbL88CFNNK-B8PdSRWeVV9lbsOu0Qv-YsHUg-Yrd-naOhetYmZZ49VdLr_2on0Ey7Edmgjix9gODPx9Mzh1ELRslqAKDD2DAlDoolHy9NuciNZGRU6PZ4DcAEufzJjNgDkgUECAQYAZIFBAgFGASgBi6AB8KgwuEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ05sI0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTAogUAdAVAYAXAbIXHAoaCAASFHB1Yi03MjE5ODI5MzUxMDI2MTQwGAA&sigh=qTyT7rZnM84&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2622982514&adk=1676129346&adf=683863926&pi=t.ma~as.2622982514&w=1200&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297584&bpp=8&bdt=192&idt=171&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=72&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZoOWXmaG5h&p=https%3A//suip.biz&dtd=176
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5460325400034858808/ Frame 8262 55 KB
55 KB 31ms
31ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5460325400034858808/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa43001c2eb32f850ddf77096f4e3e78255e8eafc5d41f28b4d06632689d79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:26:16 GMT
x-content-type-options: nosniff
age: 560122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55875
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:39:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 09:26:16 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 147ms
142ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Sep 2022 22:01:38 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4743 624 B
299 B 46ms
46ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhDt8V8Y86CdyAEwAQ&v=APEucNU3HNAkO3YMDzpw-oDwc3-TJ654w7BfpSMBpNlpkxP_4hp92bHJdvceZvx1Jsw6h4mtEtF36OaNg6zwm1WKjwQtntYXzw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:38 GMT
expires: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 71E5 79 KB
33 KB 77ms
76ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxkHEByibrSRyqNoMPLARsAX82hj-3hWYIPT2g1RKI79E5NiNuSCXQPGMlTrXOiePdfrHlYohVoalozSJPXYhtqqAQgg&cry=1&dbm_d=AKAmf-BcV7Qc2NOYEKWzDaSgo3BJERBddHFDECqTw1rjU2aNQzTmP2ChRxqE2ZZ2ttuaOU0AZ-on1Vbt4dJ-fkAG3hzehY3FpULnFpPl549NS5bGPHhaIgqpMa4q7kOnepy825-pz8f-GcWB7wLstHn7P9BTMi_4Z7lvEkZfiP3nnXtu5JpQfUgqvR0qJOlV7UMk2Phx8zqd7prp5J_J5ufPSuxZMOwatbwzdB8wz9yOO2JbLylF94_vbkP1CJnI8vQ5fxjr3GF4BNlHwPgRToUEkoaUiAyvFwUmqF4q8_GKfyctIQ23zuOFeFscU2tZnAeylZtiLJbZw8WZsI8_0dunSydywlZDOFWJSnmvG7HnQILXT-90ZKFxHzT6XTb3wBrO5rFEV-8E9FvxuQYYje7Ixj2HsoplHjUVuA78E3SdNUuGz4fiGjO6tiPPU1ixKeNPdhQEsXqipSWotJi7h0Jb6ZVN7omshxPETeVoGXs78PD8xFouGl05orCNxDe3x_uAaxl2RdGShaa04SexB16GgLGnzSy5GT5s_IQ_NYKVjwD9HTjsrNlDazT0-1U9RQHPaTr841i1I0CF9FujnvsjhOLgm2MGmKwrQvPr9ed37nepL9JqCsVLuiPnZAyyVie_NNtiM4ofFPKsxFZgfPcY2jmM76MlCNBSNSGRi3Qx7RJBF57MmnwrP6EKBV4ChRqt_00BFJqkc-piPbTfJfxMt9mmmOYN94AuA_5yL8_nsZabk7wMzklruvR7998dAN6ZfwaOeBBPt4HDNWrHirM9XmL72Z5n5vMEu6r_IOu8sPQpV1_LrnIKoSIAR2jEBty0RxDQF0RANFUl6X2WhyhwUmXxHq9Nev4_RimEQ-_y7LDjIWLRgHNFfTwpgq21JVb62FTeLBVd1tQdAZhumeWPq2SsCXUAeWkkpQkpOKvoRYkU_8uaT0R4AAH1S7nyzH2DhO9vSLEpNWyWy0M8S0bbyMLkaMmI8knxnNKERVTmIM69geT6dTr_blWqCuExGl497cymC-ysarqQYsXKIIPm51ABwknAfay6kmDdqN8Xowd4_YmESoyQVwFCTZ0rHg1FQZ403V_jU4Xwvt7HMT0N1a6z_WUTzY5vOTtQRfNEHBnTDwB5C9Mvk5GJQu0kZYKena6MjWqh2m15Pw3aSWJbPfgVws3ZKGumEqTpFJHKxCiplkj3uLnPKkORTr0W9xxUwyeVNUN_EARcxS0Bts-IXVD3vGtR8EJqtJ7aVQYHjAZFhvaisT8n2Cu_3ZamCh4YuCe9bXWnqBqAbDs9np-wTiNdAnqKINbHUVzm6j9xEWXlQi276Mh15PIvIgOxwRRh3xaEZJfGhcgyiliPtj3GPCgTTPzUgjGCR6T6i8f57PCjPDdVmapNkWkoJkyFa64Usn5HT6_MY9EdJAYe9C0tO_H87CewhefvkjUd0dkTH9KQXm3ePQ8wIRRKDWVLrfdn_LbNXxgr1LFanLynIoI07jiDuJgCQwKEhJRW1J0fc92v18cWf_FQEypIA6Qbrjil4NbL0VFpvnWB9wHnIdEOiOLsAR0nJXXf3Ekjy2GSduTnYR3Sg8dZJhMYK1zffzrXpbinZBw3hv2K4W-yXf3mQuasU3swnqabmkE3uyapd7jgR4CQOFfFACPJkSQaHf_stWpi-fdnOvTyzUT1wsLowER_Zi3mPeTC9vXIYeQT8I5GZLDPAU7L9ZHeeNbTCDhuA5ZtiDnZ0h22mXo6fsB2YzKSdND5V56aF5UUb49cUHkVZO_peWR6Ma8njRZTADGziLYUoI6PawrFcPxioqLYCYfRDYR6vC2sr1-Bf55ZzarMzluTB9zM8lxso2PFVL5W0_CCb_XG3VJWbercf_Hfm4P8ic7ix-hfWFVuQdD21CSMTVKaVccbSxFqtBz8u2WTdQYpsbST2WuJqSidFQWW7NVbGA_NHCkD1rKTpAa0gwpKuYGF4bYqcbc56p034zsH1HGb8FoP9bYN5VbAfYBe4_OUQxM7BgRvW-HfkUF5qUtcRDYg8Burhyr3FdjmV8yjhN0PUttED0cj61akIPVj_acqIGrMDcp1QC3PJKoZGxC3vsYDmLZDDH1xhU7jedN8GVxVKNzRafhTE7B__pzyKgdBfGSXefFaR53tpMLAthRDZfMxy5qsZbliWQ_hEj-skP-JsMiDhdRxlINzGZFtdWg5YEUKZXqr828YCIGZ8LelHeyJEQC6-P6H9DsR2SOiSDOFfy3mIBZyN_MvtB2l_57-8QReONwFJw5PCInRX8oGf_2SZHjBQp8mtxv6TTHM6QFZxKfyY69bCIiB6GmnBWDyXxwBjizKUjQdYAf_xo_oFePxruuOyiCQtE-8AA0tZymw1f0xj7UOqDrmOFJBdxjqcuugADfRFoprkk1oyp1_PRJ7PvsPsl5SOGmrIXHFMLZOGUljGJfwCDERvtC1rRxdo4ZpV-y19ZCgAeoET_EAVkoUWjYspwnQAoKvArI0InuDO7y-wJnsCV3LLnBxkPSJVuxCqtZbrJDEJHxX3jSO2o-KXPqbIPNXF8L8w5djg8HyRnDGj67bzlgELwgQshBV8Gq8KinqbAjOls8B-zspD_Psqq-mlDTKlUzG6UmhwSmfFwakrUA6X7SZDnolVwR1pW7jvX-vL4W_8gnWddCt74CEQzGLGp2Jsfqgj-ZnWPIn1toUuRUzSp-gBMc_poReULGp4ZVGUBiErzMlFeRS7-oj20LnTCTlCUiUqguZdQc4nFdQf9HN992DeKxhPG6FRyZhsMsI8Subczz2vtORIna2CIv7Epc5-xsnshIf_MrzXONjLPuj28ztTvFsbK9rSzpY5mgZ9gBPHhCBzM_vvukK8tCJAP7saDBJQtcAZ3VRYLpP5KC3d_-gR4VSEjH9py8TQP2KuZFVhRKlP-xz7V6oMPXq4oUdw5k5_njvrHkf3qjou-fm-_uwoQM7l-ZthTK4FiQUc60QmN3ql5NdnIqp7xFLEsiSzv6ZjorBy28DbAq4WljKUylJ3X2qO67w8pNqew&cid=CAASBORoCPk&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb839c287e567ee4da2221d4f4bdc486eabf7845775d1d1dfcd6903b94b33eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33844
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 71E5 3 KB
1 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 71E5 17 KB
7 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71E5 141 KB
44 KB 59ms
59ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 71E5 42 B
63 B 35ms
34ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1Kt-spamd8WAUMX9i5dT0998Dr_ZK1cXvE6Qtv4F6jKhkzLciMKz9YyjCfmraz8OOe3OMejqfLcnKA-fLed2Uw6eo__TbPDz-F5Z0XvXa6DZ0i40

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 149 KB
53 KB 44ms
44ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a42fc8f61756ab1ce8adb942b109457b9950895c479bb7ea10b7979fc966bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54567
x-xss-protection: 0
server: cafe
etag: 2972134545454269644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
DATA 200
OK truncated
/ Frame 9683 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ddc0a3284f1a1a3c2405d8cb0fe99c9df921fd44b846d503d8a05552b85c25c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D2AD 6 KB
672 B 35ms
35ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:56:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D2AD 2 KB
902 B 21ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame D2AD 23 KB
9 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D2AD 3 KB
1 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D2AD 17 KB
7 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2AD 141 KB
44 KB 40ms
39ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:38 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame D2AD 33 KB
13 KB 35ms
35ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 18:09:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 354F 15 KB
16 KB 96ms
22ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 437374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 354F 15 KB
15 KB 96ms
26ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 437294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:33:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 354F 15 KB
15 KB 114ms
49ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 297420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 10:24:38 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8256 22 KB
8 KB 21ms
19ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 17185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 16:15:13 GMT
expires: Tue, 19 Sep 2023 16:15:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D2AD 0
0 64ms
61ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8xZQsdgoY6_CMteUqMwPhr-0sAPj6ImEZr7psdfgDrjhta_kKRABIOqutydg_eiigfADoAGm372eAsgBCakCwuVMpovrSj6oAwHIA8sEqgTOAU_QoCT2SSeRcAU_ct0x2XpG0inqDKOHNX0ORDJp3DzpOiCPmEggo2Vacm6iOAzgW1rsl1LfdOjAhw1drpneyeip4zkdv769p4eYoPKtPSA4nFBTf8CViY8vz4vuFR81sEPUAEHJBzSdh_y2Ae5iY2WVfMe4CInZqwRbcPuYKu1MMkjVjouVKSL064ya0X484bOxWy-6lIVJ3lY41Pk5VugWjpefIvkEByv2tTdDJIKDt4uErDm2FwIhW_SCVFMzskENy7C9hj5u6g8qGc21wAS5_MmM2AOSBQQIBBgBkgUECAUYBKAGLoAHwqDC4QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDcoyrSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMCiBQB0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=Rg5pb4jjJzE&uach_m=[UACH]&cid=CAQSGwCsnQUx24xzNvOQykNiYY9B-_Je70W5BvDyTxgBIA4&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 60ms
59ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4GETsdgoY9P-M467o9kPr7um2Azj6ImEZr7psdfgDrjhta_kKRABIOqutycoDGD96KKB8AOgAabfvZ4CyAEGqQLC5Uymi-tKPqgDAcgDAqoEyAFP0CKlG14Z4NZwhOE9JdFntDJWKwkKeotl10CxMBNHtp-LD8HYMIo7tW7kYTpD7fIl6RGpYMb3jjf9tKrdP1la1YT0PotFZCAt5pFJzZkWbLDd0IdR2W-7wDdssMIQ5dLyEn18sBpvzTasZgYjDMm0zDTsJafuED0bnpGKYjJh0ewgZZqqAWkTetPMsbzBvi6bSX-MoswSbQPrLYkzXLuIcD02wVkaSW3glCkfd_0w6nz5Yrf2UfaN3VVwSJr4PoL0_mriGmTPlMAEufzJjNgDkgUECAQYAZIFBAgFGASgBjeAB8KgwuEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6IkF0ggPCIBhEAEYHzICigI6AoBAgAoByAsBwhMGGKbfvZ4C2BMCiBQB0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=tPfL1LIhLtE&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 77ms
60ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCr8ysdgoY9P-M467o9kPr7um2AydrMmhbOvq1JfwDeiJ94P7IBACIOqutycoDGD96KKB8AOgAeuIkJ4DyAEGqAMByAMCqgTSAU_QHr-WagPZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gHG8iOSuomu5RwHXbd1bvCSPL6Eyz4vAN3K7whCX2u8Si3RYXUvDQ69mBtZLPDdMNBkmUu0Sve6dZIliMpbSGyNlml8CnBB40TmyScK-Lm5Ii4-izPJrGQ6_DTGRM4xx3XDV9LYjeRw31Qg_qY8Z0X29A2BA9nttYmW5H-U-gvT8aslOPpOjkY1-k3435Jpl8sAE6ajqm9EDkgUECAQYAZIFBAgFGASgBjeAB_3272GoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoiQXSCA8IgGEQARgfMgKKAjoCgECACgHICwHCEwYY64iQngPYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNzIxOTgyOTM1MTAyNjE0MBgA&sigh=EFF_fwXWlak&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 74ms
57ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C79U1sdgoY9P-M467o9kPr7um2Ayjh6bAbOfMjZy7EL_O8_0IEAMg6q63JygMYP3oooHwA6ABj_b59gPIAQaoAwHIAwKqBMoBT9A-1JBqAtnvwzfoRiPNfup-XTjJsXy7ZNEI_TEQq22A_RPB3DPDLrUy4n0jHaH5NrwB92LRvsYw47u7ziRawzSAcbyIhK4kB1OlOyTVDLFb69CHUdkkvYsxcrvcG9zc1hyIf7BemopDr-YG1g88N8y0GSZS7RI97J1kiWIylNIbI2eaXwKcEHrRObBJwr4ubkqLj6PM8msMC2zDqPJ-gHA9dhvJMmK835lg3GA7At9VUGKWUFjUgcWf1R7baKGq1vByPf4MnTZvmsAEp-q00o4EkgUECAQYAZIFBAgFGASgBjeAB_vG-2KoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoiQXSCA8IgGEQARgfMgKKAjoCgECACgHICwHCEwYYj_b59gPYEw3QFQGAFwGyFxwKGggAEhRwdWItNzIxOTgyOTM1MTAyNjE0MBgA&sigh=dUE6Es5nYYs&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 113ms
69ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLybnsdgoY9P-M467o9kPr7um2Azv6tW9bN3G2qbBDNiSzLbeCRAEIOqutycoDGD96KKB8AOgAdTTsIwDyAEBqAMByAMCqgTXAU_QdI-cagXZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gAm_iMSuIw9TVgnXvpvN8sfQh4wyz1Yr3JkbL_s3KQ_5fq29q5nOtqwi89WPyTTMwRomJ-4SyO2dkYhix5fS7iBlb1wAaRN6JDqyvMG8221KfoyiOfFq7A2-7TcfMmUDp3xoW4fpDeMo3a-wvTEb0RXKUWh53knPsc2RPvTkAhtMWhHmzzeTHEr4IU6FEyff-59UwwlWwASurKzesQOSBQQIBBgBkgUECAUYBKAGUYAHlKzPc6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOiJBdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAcITBhjU07CMA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi03MjE5ODI5MzUxMDI2MTQwGAA&sigh=TvVFfE0AXYM&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 112ms
67ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZM4JsdgoY9P-M467o9kPr7um2AyBibW5bMyG2tzwEKaRkrGKDhAFIOqutycoDGD96KKB8AOgAbjzyfQoyAEBqQK_-5yF6cuwPqgDAcgDAqoE2wFP0Cz0h2oE2e_DN-hGI81-6n5dOMmxfLtk0Qj9MRCrbYD9E8HcM8MutTLifSMdofk2vAH3YtG-xjDju7vOJFrDNIAJv4jEriMHU-BAaMEMsVvr0IdR2SS9izFyu9wb3NzWHIh_sF6aikOv5gbWDzw3zLQZJlLtEj3snWSJYjKU0hsjZ5pfApwQetE5sEnCvi5uSouPo8zyawwLQo_CaLBFeD12WxOiS4cc5kCs3hONzz0g45bUm2ZEfbvlOj7OHIL96I7fK2YTqbONcoWsN9af-cEo9HzumNT9h1bABNaQvJWbBJIFBAgEGAGSBQQIBRgEoAZmgAe4q5rUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOiJBdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAcITBhi488n0KNgTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi03MjE5ODI5MzUxMDI2MTQwGAA&sigh=GawoNDRqeS8&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 116ms
73ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5X2osdgoY9P-M467o9kPr7um2Ayxwcu7bMGq5K3LEKKrgLGxJRAGIOqutycoDGD96KKB8AOgAY-mmswByAEGqAMByAMCqgTLAU_QPLKCagfZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gHG8iISuPgdTxTAA3Q2xW-vQh1HZJL2LMXK73Bvc3NYciH-wXpqKQ6_mBtYPPDfMtBkmUu0SPeydZIliMpTSGyNnml8CnBB60TmwScK-Lm5Ki4-jzPJrDAsdpLslsUV4HSTKbKJLlxyTB6PLKo3fVXPwlvzP_aPFk8GJ22iCONzScjPo15dREDFvwATI7pHelASSBQQIBBgBkgUECAUYBKAGN4AH2dnlswKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoiQXSCA8IgGEQARgfMgKKAjoCgECACgHICwHCEwYYj6aazAHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzIxOTgyOTM1MTAyNjE0MBgA&sigh=67JKFb7sBlE&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 103ms
61ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUuNusdgoY9P-M467o9kPr7um2AyThYG_bLTigMLJEJaCzYWIFhAHIOqutycoDGD96KKB8AOgAdiFm7AoyAEGqAMByAMCqgTeAU_QRNKBagbZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gAm_iMSuIw9TXgnXr5Xi9sfQh4wyz1Yr3JkbL_s3KQ_5fq29q5nOtqwi89WPyTTMwRomJ-4SyO2dkYhix5fS7iBlb1wAaRN6JDqyvMG8221KfoyiOfFq7A2-7TcfDBniPrtTUzhB9I495gCf61Gt-e2TMwnP3oFMFn8tH8SYi9bwcjr-J-tXLaVcnWarC65UUZTcUPZBR0n389eOmMAEv-6WqIsEkgUECAQYAZIFBAgFGASgBjeAB9i9648DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6IkF0ggPCIBhEAEYHzICigI6AoBAgAoByAsBwhMGGNiFm7Ao2BMN0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=_0zbXWS2wmQ&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 106ms
65ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFUwmsdgoY9P-M467o9kPr7um2AzGjMCea8CJpojyD5WMg4iQDhAIIOqutycoDGD96KKB8AOgAazsn7MoyAEBqAMByAMCqgTLAU_QBNaGagnZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gAm_iISuMAdTpS0E9AyxW-vQh1HZJL2LMXK73Bvc3NYciH-wXpqKQ6_mBtYPPDfMtBkmUu0SPeydZIliMpTSGyNnml8CnBB60TmwScK-Lm5Ki4-jzPJrDAtxjK8EsEV4PXZbE6JLlxznAorwLY3IRDOJqfzV_6PFk8GJzHnCQePScjPo1-NUOQpowAS6s8XB8wOSBQQIBBgBkgUECAUYBKAGZoAHrKTwkgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoiQXSCA8IgGEQARgfMgKKAjoCgECACgHICwHCEwYYrOyfsyjYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItNzIxOTgyOTM1MTAyNjE0MBgA&sigh=cdm3OkKpyuQ&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 111ms
70ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1xr4sdgoY9P-M467o9kPr7um2AyWn8fdadHm6pr8D8CNtwEQCSDqrrcnKAxg_eiigfADoAH0_-TPA8gBAagDAcgDAqoE2wFP0GzlhmoI2e_DN-hGI81-6n5dOMmxfLtk0Qj9MRCrbYD9E8HcM8MutTLifSMdofk2vAH3YtG-xjDju7vOJFrDNIAJv4jEriMHU78pbYMNsVvr0IdR2SS9izFyu9wb3NzWHIh_sF6aikOv5gbWDzw3zLQZJlLtEj3snWSJYjKU0hsjZ5pfApwQetE5sEnCvi5uSouPo8zyawQINKnClVOOv9nm21KiS4cc3hPDjC-NpCwslqjU5FNXE4TlKD3OHIL46OXOJxMtqbONc4XTAsXxxsEo9HzuoIeS1WrABIy22OONBJIFBAgEGAGSBQQIBRgEoAZRgAfX-fF_qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6IkF0ggPCIBhEAEYHzICigI6AoBAgAoByAsBwhMGGPT_5M8D2BMM0BUBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=C1RPTeWj7PI&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 108ms
67ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8ZSHsdgoY9P-M467o9kPr7um2Azl6sHUa-q9k-bbD875t4GMDhAKIOqutycoDGD96KKB8AOgAdrCzsYoyAEGqQK_-5yF6cuwPqgDAcgDAqoE3gFP0G7Ai2oL2e_DN-hGI81-6n5dOMmxfLtk0Qj9MRCrbYD9E8HcM8MutTLifSMdofk2vAH3YtG-xjDju7vOJFrDNIAJv4iMrpwiysvYPXIgsVs2O2y6eclWK8KSUCnCOSoEEX189KuZTrasZvPVD0k0zMEaJqfsEsjtnZGKYseX0O4gZW9cAmkTeCQ6srzBvtttS36Moiz0mCKsFw7RlmQ09De7U1M4QfSOPeYAwOYt9cfti2grl-CBFG9TdyDExIjW8HI6_njmK3WbXJ1mqwv2LX3O41D2QUdJ76j11qbABKbv2tf8A5IFBAgEGAGSBQQIBRgEoAY3gAfa-p6mA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOiJBdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAcITBhjaws7GKNgTCtAVAYAXAbIXHAoaCAASFHB1Yi03MjE5ODI5MzUxMDI2MTQwGAA&sigh=qmcaAZLKgTI&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 117ms
80ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB9tpsdgoY9P-M467o9kPr7um2AzT6sK1bIXx2MvBEAoQCyDqrrcnKAxg_eiigfADoAGmufrrAcgBBqkCN-ynL8KmCD6oAwHIAwKqBMwBT9BgpQBbGe3WcIThPSXRZ7QyVisJCnqLZddAsTATR7afiw_B2DCKO7Vu5GE6Q-3yJekRqWDG9443_bSq3T9ZWtWE9EaIRWwgyZlGQ2LI30Gw3Q1sujLPViuXn1Ap5Tw3BMBwibNems7yWWWG1g_Jwc80mSanGxE97p-Rf2EylNLu1WaYXwJp5nnRObK-NL0ubkp-eaHN8mvs7bj-4jFoir01eZtYBtu-Nz8_grfunzMeUrwb_HkFiOeTzZ0vI6N0UdhQM-bBI2kxTauPwATD5MXEowSSBQQIBBgBkgUECAUYBKAGN4AHgOer2gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDoiQXSCA8IgGEQARgfMgKKAjoCgECACgHICwHCEwYYprn66wHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItNzIxOTgyOTM1MTAyNjE0MBgA&sigh=02FIlXOlWY8&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F890 0
0 107ms
72ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW33EsdgoY9P-M467o9kPr7um2AzLp8PAbPKy9YGBD9nZHhAMIOqutycoDGD96KKB8AOgAbCknZYDyAEGqAMByAMCqgTKAU_QUq-HagrZ78M36EYjzX7qfl04ybF8u2TRCP0xEKttgP0Twdwzwy61MuJ9Ix2h-Ta8Afdi0b7GMOO7u84kWsM0gHG8iISuJwdT-EgJ4w2xW-vQh1HZJL2LMXK73Bvc3NYciH-wXpqKQ6_mBtYPPDfMtBkmUu0SPeydZIliMpTSGyNnml8CnBB60TmwScK-Lm5Ki4-jzPJrDAsQ-LD7foBwPXYbyTJivNr7badnOzHsY1BillBY1IHFn9Ut6F6hqtbwcj3-Cf87FJ3ABIWI_7nuA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAe42-JpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6IkF0ggPCIBhEAEYHzICigI6AoBAgAoByAsBwhMGGLCknZYD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTcyMTk4MjkzNTEwMjYxNDAYAA&sigh=hqSdEr9vJyw&uach_m=[UACH]&cid=CAQSGwCsnQUx798P95YzSfozt9vSYun2dmMta_hbTRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=456&slotname=5466671377&adk=1632491108&adf=1382000130&pi=t.ma~as.5466671377&w=760&cr_col=4&cr_row=2&fwrn=2&lmt=1663621297&rafmt=9&psa=0&format=760x456&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297619&bpp=2&bdt=227&idt=175&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=1375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JsywQkrwnt&p=https%3A//suip.biz&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8262 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc3e667bef10e8d08a65fff0c4e9f0553c309651a20224e526a492ed7b8a8ce

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5460325400034858808/ Frame D2AD 55 KB
55 KB 50ms
20ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5460325400034858808/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa43001c2eb32f850ddf77096f4e3e78255e8eafc5d41f28b4d06632689d79ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 09:26:16 GMT
x-content-type-options: nosniff
age: 560122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55875
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:39:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 09:26:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6D78 15 KB
16 KB 97ms
33ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 437374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6D78 15 KB
15 KB 106ms
42ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 437294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:33:24 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6D78 15 KB
15 KB 107ms
43ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 297420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 10:24:38 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4743
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1

43 B
879 B

95ms
67ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhDt8V8Y86CdyAEwAQ&v=APEucNU3HNAkO3YMDzpw-oDwc3-TJ654w7BfpSMBpNlpkxP_4hp92bHJdvceZvx1Jsw6h4mtEtF36OaNg6zwm1WKjwQtntYXzw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74d541ff0bd754d3-YYZ
pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKFRrt8U3dNFq1G6lTPXZqCYxx1CBpwFZUDiO2dDvZHXW1j%2F4zABulVdn2Wye0yAZn1Qg%2B8KNle6S20JQpG0LFbOUgAYnB12Y4%2B7yKQ9DY8zpbGUFGCXJKULaj7F%2BcngV726vyz1yJze6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4743
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyjYst7aQOBuk2-0HGMlUgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1

43 B
841 B

60ms
58ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhDt8V8Y86CdyAEwAQ&v=APEucNU3HNAkO3YMDzpw-oDwc3-TJ654w7BfpSMBpNlpkxP_4hp92bHJdvceZvx1Jsw6h4mtEtF36OaNg6zwm1WKjwQtntYXzw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74d542009e2354d3-YYZ
pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pXgJnfCr6CQT70JhhW%2F4u68uDAhDsWyLz8xCtxlygHCgjlge4nHGy16zjiGMKXC2hBFyFS%2BxIZ7%2BnJKrFSkh3KDSxaVELId1mVHZ1Zat8FHosH6REadgiNhDyN46beRgS7mUjHZjL58UA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBrWO7ZccnL6qFjqrSYMEms&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4743
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECXF7kU6e125XRQ1qTnOGXc&google_cver=1

43 B
1018 B

53ms
18ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECXF7kU6e125XRQ1qTnOGXc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjmXhDt8V8Y86CdyAEwAQ&v=APEucNU3HNAkO3YMDzpw-oDwc3-TJ654w7BfpSMBpNlpkxP_4hp92bHJdvceZvx1Jsw6h4mtEtF36OaNg6zwm1WKjwQtntYXzw

Protocol

HTTP/1.1

Server

68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 21:01:39 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 067928cd-e488-4660-9d65-283f657d416d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECXF7kU6e125XRQ1qTnOGXc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4743
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTA2MDU1ODk4NjM5MDYyNQ%3D%3D

170 B
188 B

38ms
36ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTA2MDU1ODk4NjM5MDYyNQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 21:01:39 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: f4ca3161-a58a-4482-98c1-3232123f1103
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3OTA2MDU1ODk4NjM5MDYyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 71E5 106 KB
37 KB 77ms
34ms Script
text/javascript 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 02:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 02:03:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 71E5 8 KB
3 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxkHEByibrSRyqNoMPLARsAX82hj-3hWYIPT2g1RKI79E5NiNuSCXQPGMlTrXOiePdfrHlYohVoalozSJPXYhtqqAQgg&cry=1&dbm_d=AKAmf-BcV7Qc2NOYEKWzDaSgo3BJERBddHFDECqTw1rjU2aNQzTmP2ChRxqE2ZZ2ttuaOU0AZ-on1Vbt4dJ-fkAG3hzehY3FpULnFpPl549NS5bGPHhaIgqpMa4q7kOnepy825-pz8f-GcWB7wLstHn7P9BTMi_4Z7lvEkZfiP3nnXtu5JpQfUgqvR0qJOlV7UMk2Phx8zqd7prp5J_J5ufPSuxZMOwatbwzdB8wz9yOO2JbLylF94_vbkP1CJnI8vQ5fxjr3GF4BNlHwPgRToUEkoaUiAyvFwUmqF4q8_GKfyctIQ23zuOFeFscU2tZnAeylZtiLJbZw8WZsI8_0dunSydywlZDOFWJSnmvG7HnQILXT-90ZKFxHzT6XTb3wBrO5rFEV-8E9FvxuQYYje7Ixj2HsoplHjUVuA78E3SdNUuGz4fiGjO6tiPPU1ixKeNPdhQEsXqipSWotJi7h0Jb6ZVN7omshxPETeVoGXs78PD8xFouGl05orCNxDe3x_uAaxl2RdGShaa04SexB16GgLGnzSy5GT5s_IQ_NYKVjwD9HTjsrNlDazT0-1U9RQHPaTr841i1I0CF9FujnvsjhOLgm2MGmKwrQvPr9ed37nepL9JqCsVLuiPnZAyyVie_NNtiM4ofFPKsxFZgfPcY2jmM76MlCNBSNSGRi3Qx7RJBF57MmnwrP6EKBV4ChRqt_00BFJqkc-piPbTfJfxMt9mmmOYN94AuA_5yL8_nsZabk7wMzklruvR7998dAN6ZfwaOeBBPt4HDNWrHirM9XmL72Z5n5vMEu6r_IOu8sPQpV1_LrnIKoSIAR2jEBty0RxDQF0RANFUl6X2WhyhwUmXxHq9Nev4_RimEQ-_y7LDjIWLRgHNFfTwpgq21JVb62FTeLBVd1tQdAZhumeWPq2SsCXUAeWkkpQkpOKvoRYkU_8uaT0R4AAH1S7nyzH2DhO9vSLEpNWyWy0M8S0bbyMLkaMmI8knxnNKERVTmIM69geT6dTr_blWqCuExGl497cymC-ysarqQYsXKIIPm51ABwknAfay6kmDdqN8Xowd4_YmESoyQVwFCTZ0rHg1FQZ403V_jU4Xwvt7HMT0N1a6z_WUTzY5vOTtQRfNEHBnTDwB5C9Mvk5GJQu0kZYKena6MjWqh2m15Pw3aSWJbPfgVws3ZKGumEqTpFJHKxCiplkj3uLnPKkORTr0W9xxUwyeVNUN_EARcxS0Bts-IXVD3vGtR8EJqtJ7aVQYHjAZFhvaisT8n2Cu_3ZamCh4YuCe9bXWnqBqAbDs9np-wTiNdAnqKINbHUVzm6j9xEWXlQi276Mh15PIvIgOxwRRh3xaEZJfGhcgyiliPtj3GPCgTTPzUgjGCR6T6i8f57PCjPDdVmapNkWkoJkyFa64Usn5HT6_MY9EdJAYe9C0tO_H87CewhefvkjUd0dkTH9KQXm3ePQ8wIRRKDWVLrfdn_LbNXxgr1LFanLynIoI07jiDuJgCQwKEhJRW1J0fc92v18cWf_FQEypIA6Qbrjil4NbL0VFpvnWB9wHnIdEOiOLsAR0nJXXf3Ekjy2GSduTnYR3Sg8dZJhMYK1zffzrXpbinZBw3hv2K4W-yXf3mQuasU3swnqabmkE3uyapd7jgR4CQOFfFACPJkSQaHf_stWpi-fdnOvTyzUT1wsLowER_Zi3mPeTC9vXIYeQT8I5GZLDPAU7L9ZHeeNbTCDhuA5ZtiDnZ0h22mXo6fsB2YzKSdND5V56aF5UUb49cUHkVZO_peWR6Ma8njRZTADGziLYUoI6PawrFcPxioqLYCYfRDYR6vC2sr1-Bf55ZzarMzluTB9zM8lxso2PFVL5W0_CCb_XG3VJWbercf_Hfm4P8ic7ix-hfWFVuQdD21CSMTVKaVccbSxFqtBz8u2WTdQYpsbST2WuJqSidFQWW7NVbGA_NHCkD1rKTpAa0gwpKuYGF4bYqcbc56p034zsH1HGb8FoP9bYN5VbAfYBe4_OUQxM7BgRvW-HfkUF5qUtcRDYg8Burhyr3FdjmV8yjhN0PUttED0cj61akIPVj_acqIGrMDcp1QC3PJKoZGxC3vsYDmLZDDH1xhU7jedN8GVxVKNzRafhTE7B__pzyKgdBfGSXefFaR53tpMLAthRDZfMxy5qsZbliWQ_hEj-skP-JsMiDhdRxlINzGZFtdWg5YEUKZXqr828YCIGZ8LelHeyJEQC6-P6H9DsR2SOiSDOFfy3mIBZyN_MvtB2l_57-8QReONwFJw5PCInRX8oGf_2SZHjBQp8mtxv6TTHM6QFZxKfyY69bCIiB6GmnBWDyXxwBjizKUjQdYAf_xo_oFePxruuOyiCQtE-8AA0tZymw1f0xj7UOqDrmOFJBdxjqcuugADfRFoprkk1oyp1_PRJ7PvsPsl5SOGmrIXHFMLZOGUljGJfwCDERvtC1rRxdo4ZpV-y19ZCgAeoET_EAVkoUWjYspwnQAoKvArI0InuDO7y-wJnsCV3LLnBxkPSJVuxCqtZbrJDEJHxX3jSO2o-KXPqbIPNXF8L8w5djg8HyRnDGj67bzlgELwgQshBV8Gq8KinqbAjOls8B-zspD_Psqq-mlDTKlUzG6UmhwSmfFwakrUA6X7SZDnolVwR1pW7jvX-vL4W_8gnWddCt74CEQzGLGp2Jsfqgj-ZnWPIn1toUuRUzSp-gBMc_poReULGp4ZVGUBiErzMlFeRS7-oj20LnTCTlCUiUqguZdQc4nFdQf9HN992DeKxhPG6FRyZhsMsI8Subczz2vtORIna2CIv7Epc5-xsnshIf_MrzXONjLPuj28ztTvFsbK9rSzpY5mgZ9gBPHhCBzM_vvukK8tCJAP7saDBJQtcAZ3VRYLpP5KC3d_-gR4VSEjH9py8TQP2KuZFVhRKlP-xz7V6oMPXq4oUdw5k5_njvrHkf3qjou-fm-_uwoQM7l-ZthTK4FiQUc60QmN3ql5NdnIqp7xFLEsiSzv6ZjorBy28DbAq4WljKUylJ3X2qO67w8pNqew&cid=CAASBORoCPk&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:59:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 71E5 30 KB
11 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:57:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8262 15 KB
16 KB 20ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 437374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8262 15 KB
15 KB 22ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 437294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:33:24 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8262 15 KB
15 KB 24ms
23ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 297420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 10:24:38 GMT

GET
DATA 200
OK truncated
/ Frame F890 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a4952651ae41a356f54d660c0f831c3ad5c7e318796ff104be9cabec5da4d6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 87ms
44ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=suip.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 84ms
41ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=suip.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/ Frame 7B22 10 KB
4 KB 21ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 19:31:47 GMT
etag: 9671129459699598864
expires: Mon, 03 Oct 2022 19:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/ Frame 3A40 10 KB
4 KB 20ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 5391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 19:31:47 GMT
etag: 9671129459699598864
expires: Mon, 03 Oct 2022 19:31:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F890 15 KB
16 KB 24ms
24ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 437375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F890 16 KB
16 KB 22ms
22ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 12:50:57 GMT
x-content-type-options: nosniff
age: 547842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 12:50:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F890 15 KB
15 KB 23ms
22ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 437295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:33:24 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame B040 36 KB
16 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D7E 36 KB
16 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
DATA 200
OK truncated
/ Frame D2AD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be61c324c5ac0b8be4515353ead2a7e509dfec0c4880c85fc0c0eeac252183fe

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D00 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H/1.1

200
OK

firstevent Show response
scotiabank.demdex.net/ Frame 71E5
Redirect Chain

https://scotiabank.demdex.net/event?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865
https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865

42 B
957 B

98ms
93ms

Script
image/gif

54.186.7.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

HTTP/1.1

Server

54.186.7.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-7-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v038-0a0973ea2.edge-usw2.demdex.com 13 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dQKbMDBZRHg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-1-v038-06ff77c74.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: j0zQgQ7JQsk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 84 KB
19 KB 63ms
21ms Document
text/html 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad10155b9ba7b76bed168f3eac4d8cae445a01b44faa3e8e5705391d3522a0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 538401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19582
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 15:28:18 GMT
expires: Wed, 13 Sep 2023 15:28:18 GMT
last-modified: Wed, 11 May 2022 18:55:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 71E5 0
27 B 98ms
53ms Ping
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5gfwHNCwVSH6Y5YfqE4z7S6n9-rRLeEc8ipUvdvCpSCnX6vDmjAnRK8ouk3DtDYleoqbB1aMJDXceKxx9e4BmWmj0kouk1MJQ7N2Uf5GvGko97MRk_X_TE10oZrVVeDLYwr1hO9UaPmZIcppq2RKKva75SeZJMY7cK3nJeNj_8fBrqBPO5v3L9tN7z9gOEsMdp_Ub6LDC5R0JlhkhsIuU1mPLJl5wfDzpVCiToRYzvOweS2rc4z6igy39l1D8rlNm-gV6bj9DUx_WYZdmvtVQzPUlhD5w1I1DicNG_Z-4pORcKwmTsE8NYyYcleqHZcbCUHQELMfrtxZEd2eh0Y0I1rOysNBc2Y398AXzz14IQMb9Y-PsuMJR4nJkZfBu_wTXmORSwU-AdXgKGNeXwAtGh3N9Wg4OHl78zoDZEz3QAm2kif7ojMPdtmMMxeDoyEu4aeI48oOBH0JP1-GDXyAXD0NXi68Hevosh5eWl8K1JQYj4mU8-is2uifKkDmpCJW9fpP2oBWPFkC9qCFdjlZ9maFJffrMdwecvDmNv3w-NYKVRx38u9eg-YMag5GqMl-9A3M3Nx6BJeU3C6tDOWqFccDO8n3eoBDhQFC7sl-7UkV7b595MIDOsDRi4Pqx5svY5VKqPTDxQ6743HW1bhJ3ecch2Lq7tTD0yzjsMXpL8fW_U73R6Ij49BbiVp-3n1nS4AuxQyhN-fukzAcbXo58zhIgLj6SEY4jNh5WrKrGoVWacdWPb9jxXGbvcMiCeVUfacDe7f0JUr7-JPSSGMhSu2rlaxY6e9IQnn1ttbzxvQgrFdUxbcj7IkJ1aXyOJOGwfStca0DUWiTwGF4tPOQaIkjHhhwfXu44EYuQZjYOY3yUhoBdfiHCm0JNgc5LSJ02t2LAxi7UU_30B5S7RvvduyWJCikN1ewSwVgT_pFYalVFZPYZbCS83cbtYvRNgRJz-1c_V83OLIO9tr7udU8rtKBjrwERTcQ8orqHLreaRZjdCg4MTXDfEAoMBjhdRBw9k_Uv9Dh8103m-8AAQ-Lg-hWqrBxxwCrV7JIzI2q4k5ZAWPhuYT7vGwDhSQdtpArZTF2LceUBThs-3HwfHbfVf6lhQw-SLeHkjSzvVEq5dEVnaPY7VYKT8vfkdKVE8ickWryTo3pz2eehMkaQDxnOJ1gimNUu0qSly9XolDd_Vckj8JJN-0KYsNzPvRKtVC0y&sai=AMfl-YRpq8asoU46V5Xi8MuNqI0v4TBFlNL-7LplNbBStnKL4bBMj7KWoAN8BgbmOlVDApqzGhC71OQ604mqUA6XIxSL0FAVkYJ6ZGEKeFYWJtPsyEIcHgLx1LO143T-sUdQ4uRhzg0HGQP2kdmIfBwvW1n-0L4&sig=Cg0ArKJSzJhr0SaA5cemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=400&cbvp=1&cstd=393&cisv=r20220915.78501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 19 Sep 2022 21:01:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D2AD 15 KB
16 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 437375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:32:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D2AD 15 KB
15 KB 22ms
21ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 437295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:33:24 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D2AD 15 KB
15 KB 22ms
22ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 297421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 10:24:38 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8256 36 KB
16 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 71E5 41 KB
15 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 10:05:01 GMT

GET
DATA 200
OK truncated
/ Frame 71E5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1009b3396f4b21a600498df1df532f4485fc82c1687ab1d49389746dd11ed8f3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 7B22 4 KB
636 B 38ms
37ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 21:01:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B22 205 B
229 B 25ms
21ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 22:40:56 GMT
x-content-type-options: nosniff
age: 598843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Sep 2023 22:40:56 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B22 604 B
628 B 25ms
22ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 00:11:42 GMT
x-content-type-options: nosniff
age: 161397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Sep 2023 00:11:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 7B22 19 KB
8 KB 23ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12420716543898108158
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 18:58:55 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 7B22 12 KB
6 KB 26ms
22ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f573faf89538cca952685c9aedf3791c2affd3bfb757228b95766b7a3f58926f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5776
x-xss-protection: 0
server: cafe
etag: 17556852573667057119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:56:37 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7C26 640 B
316 B 49ms
44ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInEqdwCEJ3Xv4MDGJabjsEBMAE&v=APEucNXJlHVrXoTw5nDa0loU0qxDZ1PjXgh87oyeFayJwKy3PQV5udbWpAzkSQJKfDQPPeIlUaX6oxlu84yCI0xPVRKHwOVtRg

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 65A4 15 KB
11 KB 65ms
60ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC5Sq5xannJVXUL7BIEPtxOR_DZfapkNQLbZbsGFvjGj4glXQzwefjcK6Q6JVtpPANGAiUUKhet-j6CXfLdm8UIr07xOv4h2TM7i3LpFUZFIcEsEh9ytb-OTDuNN8gmIGuZCK_-s44I2xegnG9HApan8RlQXNdzbtZaaJIyf6abldgLhU&cry=1&dbm_d=AKAmf-C4LTpy0AVz3SVoO9Pw3104tyK4KG7MmBidAhlCslTD-mjBT6SiqvQFHzfwo-ZKZ0hsspOGcjsd9vWcURE6mnOogctn_USK-eCxd-_enzwTSqrD1nMjaxrEYUhC12pKCS5ZCK85w4HLKd_YNT7yxWgLHzsvCf3a1aLT37WcLcAR9E7emSU096gHji0nQ-7Za1PRubpD6Yw-2NttGodun5aOdKId0ESPOKcn23POj7gcfU0IUKDYpj8crNPmFLZaSPEpEZ_jqrkPUCnfqev5J2YScQbR-FL7N0SmUEuDo0jwNvKWM7F9e2LN90RbqTzBN91b5AIj8LFaAFrUOORN8n81jRid3PULLUDDZy3qZYoh6MNQteviffkW5P1_A6g8Ol41mWTHzOYtDTymyxnKxSWqmyL-5jRZ-vlKv8wQZ2809Y8gwybp-60L9ZQd22R9a_2J49mSNnyO0IMs5wtv4LjMUDuu6iw4ctJE3fUvMben2sGkUzPzDBF_Yr-MxwPRwZiJzLQiMd9xbG0ELWbOqq5J_-pssQZMv1zC9DSaN-0koWKZABhNsuwVoSKLhlXBS6HOCx9qcrgphZAwDNzJLDJap7zIs568lz_f4-LTXMMKzGj12Z-qr2nLtKwqDAgINH0lsXPl4AXynYedsf3rppUMGnzui5gAq8jiMcAlKKxqms8yXeD04V3JHBqzB9vd_htTOJH1YjxOFSQP5c617NCKqBo2ni2qjFGe3RBEVG4Z7SY3GAlKq524E_yUY3Gi67xsltQbmQqzlKEM8goAQoNHxiWzcEskKDtSvEfB8vTWSmluU2DqVHhaoT6FxfTXul_OSJylhIshpSOPm7Pv_NNskwZvy1ew3rshNCukKKCI1z6Du3hj8iFUD4CDllDUT20ob_XLYsVwlzvovG7kCvp6axAYdWudc8EnDMQE-dWjJmMQQrQMpq4fIJK8GO9NEBhTPSNaiqdxiSQ7dXARLIXLZhpTBXvEKMOgsttQi2lxp42CioOb8pGAht8VoKj3Ka4cR-YqqXf9UIRQGjG5UitA60qtFtSTd_mGxrzCofTW4uFsBtV9qFab18bR_MIn5t9IFtQ_2h5rw9xb9NuQDMtkRI_OevZGi_5OSR-0y5HcAx7nzx7gPqygVki-2TArq7UO_Rev-MElI7UL7hTvToHZXNoCvgxDxKIEwsK40UIANkkjIFDgtvcB7phn7gpqRzUm2yAVWuq6oSLmZGsFUooVRPIIrybBuJ-6LTjXUzCaNWXfYLn0ZijhAY_L-rKvovmR_oTBF60CIuArF-JP9a0H7Te16w-KMmQsUBcuc2pRIHuNQutPTFTd6Px8T6MrnCFktAIiPQdRop-Wm209fXDfr4XjLt5BWteZ-X-NVCDVe-MlD-vobRH7RrfBPPbaP_Xb7v-WgG4SDMLlt9iEkGpomHnem-KpHuV6ci6aw-ESKZUH8EP8uFu_Hu0MgxS4pvTyhKg9aurg2LgH2UGLYTQhTAcVs82aZnUch-q0ONPWuBm9w03Jt18vF9U17Re13HDqtdlny6eNvy7tVWHN40hY_POV_GDyULmYBgB1MFd-67AmDnfw4RIA-HXXx28ilgOOn99kSs2GRFcN7MJNLDchRxtkLuxzR37Ny-K2zenwzHfvtpjC_tEnZP7Kt0WFm2c3ETCFjyjq1RLuadjoRbWP4KcILgUMBH5D4nvfjyLJR5I24mA33IZkEoU--YvMxNjV0rAGgEzGmNQafBsv4Jd6gBfdIP-yIv0xHKckVrexfS0QSgDPD3YW0UHo_P494F9azTrmZb1i2QUEUB0rl60TBG_b2YeQdgcamBndZSauXzAt6Gea-Jqi_bDTXPa6gVSgKf2cEbPINqEb-N49OpDqn8I6SlJ_76zw8Uh3Z4hOdBLHyH9ugdr71l7Pe1vZxHkiIheefPLdwXSQSUEQDHsCQk_Ildrj3WGOHW5bQg_EuCcj58-j13ZiUsGL1VDdukjI_LG4l2BsR5BbIY5fgkCUa9PEkibOx16_-O-q0Ur7Vp6jrl5Wf2cK8Lmwwa7n-xP0LAaTlQYFsN2-GKTQ5N99XtMXdTbZ0hCer558LQdG-ylsYfo9RV7K_y3in4uUc0uDb9D1Qx2_p-jaGvrwpEM-1mtmRR463uUK7SnSoWg6uYpiT7wcAufeQwpKENBQQHkxFwY1zqeqxsTA0LEKu09vSgnVWk6URp3CJppde8v_818VeccScLUpvyjcERm0n5L7fMZ4DSAv0aUSzYSgWTJcZhAtZUejMvRGtnihcOv7mr_Agggc-IRYqOgh4AuaazcqvSinsYEWIS2Btqdrj12lINT7TZS-NCID7jkmV25i9nOznXwLTfEpyiw_AH7MrfJwLXlPTjZM93zvMqMYh6xiptdvYC94nFBBfaR-km3ZG8JCR32QZJRV4k-08jEIgX2ueVemqEwOGejWqOLeYgxwqVULXdGjH4BqbU-lK1-e02atKybD6vHrxTf19JKjRE5LpOn7TZqmsRnn6GjKuaJs-upQIZlXDeN1CRzykDRzq2BXQKcFbswjZiaObjC_NteQi6H96G-W-3mbao1fApbBZ1kLo6YQGbmFBBEhfBemIC_RvqmjP4b8kKBLtMdfRMjt0HMHUrJ_J6pM3-1FJf4hx5VGY93Hlzx7VJOYZBvURk-i-udC8R9vQ1oIwjwDUpsp-1vCryWq4ffSdArGIjigm-JGAbxMNBwj5fKie2rrw_-VJjDcJDGr4JeCUCr9ykAweKA16pnpRirOPdiZM9pFEzsB7XQ-F1E6vMebJc6FJH93yTdTCAOG8PdUwrdOqsMoS4zhLTs2b1gcfqJKVOj_sq8cLVEGbJ3XL9DoSPh01RZlrKGarB6iQ1zcfMAHviDH99T0&cid=CAASBORo6aE&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ae9fa408a1d6b00552c238cc5020ac1878b11ab76d7334b2197173217ae7be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 monster_jdn_atlas.js Show response
secure.jdn.monster.com/render/ Frame 65A4 3 KB
1 KB 138ms
18ms Script
application/x-javascript 13.226.39.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jdn.monster.com/render/monster_jdn_atlas.js
Requested by: Host: suip.biz
URL: https://suip.biz/?act=urlcrazy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-45.ewr53.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fb288898820f3c0d6cc74cc0ff39c5c5aa97c153dcd4e92a807c2f7352755763

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:54:53 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2018 07:56:00 GMT
server: Microsoft-IIS/8.5
age: 43606
x-powered-by: ASP.NET
etag: "068f7209f83d31:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
content-length: 1041
x-amz-cf-id: sG-kIOVJsSPOGNEN2rIWaAUG3c3Tv3DvyBq0NpShMO1Bf-zI8SeE5w==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 65A4 3 KB
1 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 65A4 17 KB
7 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65A4 141 KB
44 KB 327ms
324ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A4 42 B
63 B 39ms
36ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BudxgpipyYyMh-BeeK1N_0VfGrlVu_xW4-3D7EFwD5S8afFVXopFHGJKwZJeUiV-MkTgZyslOLy9f7-sUDw5vVTrVH_nSAth_vTB5e6_3B8T-FwOU

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DAA 36 KB
16 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=2729153716&adk=1667284340&adf=3232296311&pi=t.ma~as.2729153716&w=760&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297608&bpp=7&bdt=216&idt=164&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=412&ady=499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=icB24f6QcK&p=https%3A//suip.biz&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B0AC 29 KB
10 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 17:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 17:22:36 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7C26
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO4I80QtnEG2ZVBRdJSqCA&google_cver=1

43 B
61 B

101ms
73ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO4I80QtnEG2ZVBRdJSqCA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInEqdwCEJ3Xv4MDGJabjsEBMAE&v=APEucNXJlHVrXoTw5nDa0loU0qxDZ1PjXgh87oyeFayJwKy3PQV5udbWpAzkSQJKfDQPPeIlUaX6oxlu84yCI0xPVRKHwOVtRg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMO4I80QtnEG2ZVBRdJSqCA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C26
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmVkZWM3MzYtZDVhMi0yNGNkLWZhYzYtMjc2NjI4Njk1ZDQ4

170 B
188 B

38ms
37ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmVkZWM3MzYtZDVhMi0yNGNkLWZhYzYtMjc2NjI4Njk1ZDQ4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInEqdwCEJ3Xv4MDGJabjsEBMAE&v=APEucNXJlHVrXoTw5nDa0loU0qxDZ1PjXgh87oyeFayJwKy3PQV5udbWpAzkSQJKfDQPPeIlUaX6oxlu84yCI0xPVRKHwOVtRg

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmVkZWM3MzYtZDVhMi0yNGNkLWZhYzYtMjc2NjI4Njk1ZDQ4
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 7C26
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKp8-vmqPxYfdYVPsxoEfq8&google_cver=1

23 B
288 B

45ms
44ms

Image
image/gif

23.195.101.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKp8-vmqPxYfdYVPsxoEfq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInEqdwCEJ3Xv4MDGJabjsEBMAE&v=APEucNXJlHVrXoTw5nDa0loU0qxDZ1PjXgh87oyeFayJwKy3PQV5udbWpAzkSQJKfDQPPeIlUaX6oxlu84yCI0xPVRKHwOVtRg
Protocol: H2
Server: 23.195.101.76 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-101-76.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 19 Sep 2022 21:01:39 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKp8-vmqPxYfdYVPsxoEfq8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C26
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWY0NzE4NTgtMDUzMS00OGNhLTlkNzUtOTUyNWNkMzNmZGIw

170 B
188 B

37ms
37ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWY0NzE4NTgtMDUzMS00OGNhLTlkNzUtOTUyNWNkMzNmZGIw

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
server: akka-http/10.2.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OWY0NzE4NTgtMDUzMS00OGNhLTlkNzUtOTUyNWNkMzNmZGIw
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 65A4 41 KB
15 KB 22ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC5Sq5xannJVXUL7BIEPtxOR_DZfapkNQLbZbsGFvjGj4glXQzwefjcK6Q6JVtpPANGAiUUKhet-j6CXfLdm8UIr07xOv4h2TM7i3LpFUZFIcEsEh9ytb-OTDuNN8gmIGuZCK_-s44I2xegnG9HApan8RlQXNdzbtZaaJIyf6abldgLhU&cry=1&dbm_d=AKAmf-C4LTpy0AVz3SVoO9Pw3104tyK4KG7MmBidAhlCslTD-mjBT6SiqvQFHzfwo-ZKZ0hsspOGcjsd9vWcURE6mnOogctn_USK-eCxd-_enzwTSqrD1nMjaxrEYUhC12pKCS5ZCK85w4HLKd_YNT7yxWgLHzsvCf3a1aLT37WcLcAR9E7emSU096gHji0nQ-7Za1PRubpD6Yw-2NttGodun5aOdKId0ESPOKcn23POj7gcfU0IUKDYpj8crNPmFLZaSPEpEZ_jqrkPUCnfqev5J2YScQbR-FL7N0SmUEuDo0jwNvKWM7F9e2LN90RbqTzBN91b5AIj8LFaAFrUOORN8n81jRid3PULLUDDZy3qZYoh6MNQteviffkW5P1_A6g8Ol41mWTHzOYtDTymyxnKxSWqmyL-5jRZ-vlKv8wQZ2809Y8gwybp-60L9ZQd22R9a_2J49mSNnyO0IMs5wtv4LjMUDuu6iw4ctJE3fUvMben2sGkUzPzDBF_Yr-MxwPRwZiJzLQiMd9xbG0ELWbOqq5J_-pssQZMv1zC9DSaN-0koWKZABhNsuwVoSKLhlXBS6HOCx9qcrgphZAwDNzJLDJap7zIs568lz_f4-LTXMMKzGj12Z-qr2nLtKwqDAgINH0lsXPl4AXynYedsf3rppUMGnzui5gAq8jiMcAlKKxqms8yXeD04V3JHBqzB9vd_htTOJH1YjxOFSQP5c617NCKqBo2ni2qjFGe3RBEVG4Z7SY3GAlKq524E_yUY3Gi67xsltQbmQqzlKEM8goAQoNHxiWzcEskKDtSvEfB8vTWSmluU2DqVHhaoT6FxfTXul_OSJylhIshpSOPm7Pv_NNskwZvy1ew3rshNCukKKCI1z6Du3hj8iFUD4CDllDUT20ob_XLYsVwlzvovG7kCvp6axAYdWudc8EnDMQE-dWjJmMQQrQMpq4fIJK8GO9NEBhTPSNaiqdxiSQ7dXARLIXLZhpTBXvEKMOgsttQi2lxp42CioOb8pGAht8VoKj3Ka4cR-YqqXf9UIRQGjG5UitA60qtFtSTd_mGxrzCofTW4uFsBtV9qFab18bR_MIn5t9IFtQ_2h5rw9xb9NuQDMtkRI_OevZGi_5OSR-0y5HcAx7nzx7gPqygVki-2TArq7UO_Rev-MElI7UL7hTvToHZXNoCvgxDxKIEwsK40UIANkkjIFDgtvcB7phn7gpqRzUm2yAVWuq6oSLmZGsFUooVRPIIrybBuJ-6LTjXUzCaNWXfYLn0ZijhAY_L-rKvovmR_oTBF60CIuArF-JP9a0H7Te16w-KMmQsUBcuc2pRIHuNQutPTFTd6Px8T6MrnCFktAIiPQdRop-Wm209fXDfr4XjLt5BWteZ-X-NVCDVe-MlD-vobRH7RrfBPPbaP_Xb7v-WgG4SDMLlt9iEkGpomHnem-KpHuV6ci6aw-ESKZUH8EP8uFu_Hu0MgxS4pvTyhKg9aurg2LgH2UGLYTQhTAcVs82aZnUch-q0ONPWuBm9w03Jt18vF9U17Re13HDqtdlny6eNvy7tVWHN40hY_POV_GDyULmYBgB1MFd-67AmDnfw4RIA-HXXx28ilgOOn99kSs2GRFcN7MJNLDchRxtkLuxzR37Ny-K2zenwzHfvtpjC_tEnZP7Kt0WFm2c3ETCFjyjq1RLuadjoRbWP4KcILgUMBH5D4nvfjyLJR5I24mA33IZkEoU--YvMxNjV0rAGgEzGmNQafBsv4Jd6gBfdIP-yIv0xHKckVrexfS0QSgDPD3YW0UHo_P494F9azTrmZb1i2QUEUB0rl60TBG_b2YeQdgcamBndZSauXzAt6Gea-Jqi_bDTXPa6gVSgKf2cEbPINqEb-N49OpDqn8I6SlJ_76zw8Uh3Z4hOdBLHyH9ugdr71l7Pe1vZxHkiIheefPLdwXSQSUEQDHsCQk_Ildrj3WGOHW5bQg_EuCcj58-j13ZiUsGL1VDdukjI_LG4l2BsR5BbIY5fgkCUa9PEkibOx16_-O-q0Ur7Vp6jrl5Wf2cK8Lmwwa7n-xP0LAaTlQYFsN2-GKTQ5N99XtMXdTbZ0hCer558LQdG-ylsYfo9RV7K_y3in4uUc0uDb9D1Qx2_p-jaGvrwpEM-1mtmRR463uUK7SnSoWg6uYpiT7wcAufeQwpKENBQQHkxFwY1zqeqxsTA0LEKu09vSgnVWk6URp3CJppde8v_818VeccScLUpvyjcERm0n5L7fMZ4DSAv0aUSzYSgWTJcZhAtZUejMvRGtnihcOv7mr_Agggc-IRYqOgh4AuaazcqvSinsYEWIS2Btqdrj12lINT7TZS-NCID7jkmV25i9nOznXwLTfEpyiw_AH7MrfJwLXlPTjZM93zvMqMYh6xiptdvYC94nFBBfaR-km3ZG8JCR32QZJRV4k-08jEIgX2ueVemqEwOGejWqOLeYgxwqVULXdGjH4BqbU-lK1-e02atKybD6vHrxTf19JKjRE5LpOn7TZqmsRnn6GjKuaJs-upQIZlXDeN1CRzykDRzq2BXQKcFbswjZiaObjC_NteQi6H96G-W-3mbao1fApbBZ1kLo6YQGbmFBBEhfBemIC_RvqmjP4b8kKBLtMdfRMjt0HMHUrJ_J6pM3-1FJf4hx5VGY93Hlzx7VJOYZBvURk-i-udC8R9vQ1oIwjwDUpsp-1vCryWq4ffSdArGIjigm-JGAbxMNBwj5fKie2rrw_-VJjDcJDGr4JeCUCr9ykAweKA16pnpRirOPdiZM9pFEzsB7XQ-F1E6vMebJc6FJH93yTdTCAOG8PdUwrdOqsMoS4zhLTs2b1gcfqJKVOj_sq8cLVEGbJ3XL9DoSPh01RZlrKGarB6iQ1zcfMAHviDH99T0&cid=CAASBORo6aE&rfl=2%2Chttps%253A%252F%252Fsuip.biz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 10:05:01 GMT

GET
H2 200 nano.aspx Show response
secure.jdn.monster.com/render/ Frame 478C 384 B
1 KB 45ms
44ms Document
text/html 13.226.39.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jdn.monster.com/render/nano.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Requested by: Host: secure.jdn.monster.com
URL: https://secure.jdn.monster.com/render/monster_jdn_atlas.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-45.ewr53.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: be9be289df4afc43e86733d2bbe028767e24b4840fdcc938e72db1fe0f71744b

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private
content-length: 384
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 21:01:38 GMT
p3p: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA",policyref="http://media.monster.com/w3c/p3p.xml" CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA",policyref="http://media.monster.com/w3c/p3p.xml"
server: Microsoft-IIS/8.5
vary: Accept-Encoding
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
x-amz-cf-id: kRWhR5Qli8FSiXkpwGeX_4MZKc8-ZMx4ApLpmPu-3pofZ9n34cPRHw==
x-amz-cf-pop: EWR53-C2
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2 200 adservercontinuation.aspx Show response
secure.jdn.monster.com/render/ Frame 9A9B 13 KB
5 KB 189ms
189ms Document
text/html 13.226.39.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Requested by: Host: secure.jdn.monster.com
URL: https://secure.jdn.monster.com/render/monster_jdn_atlas.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-45.ewr53.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 13802efcfc08dc502a436129df69861fd023fab327060456a994161a4521d859

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 4354
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 21:01:38 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
x-amz-cf-id: rlHyIZpOS5KQo18-9gHY48fMoxatIWFAoIJMGnXY23Rrle6C0mi33w==
x-amz-cf-pop: EWR53-C2
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H3 200 css
fonts.googleapis.com/ Frame DEC0 5 KB
667 B 45ms
45ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:33:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame DEC0 2 KB
909 B 29ms
28ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:42:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame DEC0 23 KB
9 KB 30ms
30ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:36:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame DEC0 3 KB
1 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:53:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame DEC0 17 KB
7 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:55:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEC0 141 KB
44 KB 75ms
75ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame DEC0 33 KB
13 KB 34ms
34ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 18:09:39 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 67D3 22 KB
8 KB 29ms
28ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 17186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 16:15:13 GMT
expires: Tue, 19 Sep 2023 16:15:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 65A4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46f1e2bb79a96203c8a690f4e38304ea6103900b2659e97f991470d5bdbac10

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 71E5 0
26 B 42ms
41ms Ping
image/gif 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5gfwHNCwVSH6Y5YfqE4z7S6n9-rRLeEc8ipUvdvCpSCnX6vDmjAnRK8ouk3DtDYleoqbB1aMJDXceKxx9e4BmWmj0kouk1MJQ7N2Uf5GvGko97MRk_X_TE10oZrVVeDLYwr1hO9UaPmZIcppq2RKKva75SeZJMY7cK3nJeNj_8fBrqBPO5v3L9tN7z9gOEsMdp_Ub6LDC5R0JlhkhsIuU1mPLJl5wfDzpVCiToRYzvOweS2rc4z6igy39l1D8rlNm-gV6bj9DUx_WYZdmvtVQzPUlhD5w1I1DicNG_Z-4pORcKwmTsE8NYyYcleqHZcbCUHQELMfrtxZEd2eh0Y0I1rOysNBc2Y398AXzz14IQMb9Y-PsuMJR4nJkZfBu_wTXmORSwU-AdXgKGNeXwAtGh3N9Wg4OHl78zoDZEz3QAm2kif7ojMPdtmMMxeDoyEu4aeI48oOBH0JP1-GDXyAXD0NXi68Hevosh5eWl8K1JQYj4mU8-is2uifKkDmpCJW9fpP2oBWPFkC9qCFdjlZ9maFJffrMdwecvDmNv3w-NYKVRx38u9eg-YMag5GqMl-9A3M3Nx6BJeU3C6tDOWqFccDO8n3eoBDhQFC7sl-7UkV7b595MIDOsDRi4Pqx5svY5VKqPTDxQ6743HW1bhJ3ecch2Lq7tTD0yzjsMXpL8fW_U73R6Ij49BbiVp-3n1nS4AuxQyhN-fukzAcbXo58zhIgLj6SEY4jNh5WrKrGoVWacdWPb9jxXGbvcMiCeVUfacDe7f0JUr7-JPSSGMhSu2rlaxY6e9IQnn1ttbzxvQgrFdUxbcj7IkJ1aXyOJOGwfStca0DUWiTwGF4tPOQaIkjHhhwfXu44EYuQZjYOY3yUhoBdfiHCm0JNgc5LSJ02t2LAxi7UU_30B5S7RvvduyWJCikN1ewSwVgT_pFYalVFZPYZbCS83cbtYvRNgRJz-1c_V83OLIO9tr7udU8rtKBjrwERTcQ8orqHLreaRZjdCg4MTXDfEAoMBjhdRBw9k_Uv9Dh8103m-8AAQ-Lg-hWqrBxxwCrV7JIzI2q4k5ZAWPhuYT7vGwDhSQdtpArZTF2LceUBThs-3HwfHbfVf6lhQw-SLeHkjSzvVEq5dEVnaPY7VYKT8vfkdKVE8ickWryTo3pz2eehMkaQDxnOJ1gimNUu0qSly9XolDd_Vckj8JJN-0KYsNzPvRKtVC0y&sai=AMfl-YRpq8asoU46V5Xi8MuNqI0v4TBFlNL-7LplNbBStnKL4bBMj7KWoAN8BgbmOlVDApqzGhC71OQ604mqUA6XIxSL0FAVkYJ6ZGEKeFYWJtPsyEIcHgLx1LO143T-sUdQ4uRhzg0HGQP2kdmIfBwvW1n-0L4&sig=Cg0ArKJSzJhr0SaA5cemEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=917&vt=11&dtpt=517&dett=3&cstd=393&cisv=r20220915.78501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9683 42 B
64 B 81ms
40ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskil-wvjTbPwjCK3KAdfwWe4Ij-IByt4S6cW8_UX5E_CVhdJ9_fZwz6t9fnhJYZXXzuv6-pg8coj6Typ4xTnArwVx8bnfIO1BLMz2kk4hNx6N4T3nAWC7aXC9J91whwLbENK6Tyb7Z_1KmxgvnylIA_nCh6h9J5pYzCnI-bPFfDLWj3w3RzXV8q0-5bc8&sai=AMfl-YTtcIZCNE2S5fV0thUtofWawUGKy_EDy8h9R2PCsXEb_kA2oDz1PjsKI1rhHmJr6bx_yObt_doh-QvJ&sig=Cg0ArKJSzDDIbbhSigHzEAE&id=lidar2&mcvt=1046&p=0,0,600,160&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1372030896&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663621298290&rpt=296&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 87C0 22 KB
8 KB 19ms
19ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 17186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 16:15:13 GMT
expires: Tue, 19 Sep 2023 16:15:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CE6 143 B
166 B 21ms
20ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:40:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEC0 0
20 B 39ms
39ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220915&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_s.svg
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 539 B
359 B 23ms
22ms Image
image/svg+xml 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/logo_s.svg

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b0135cc0f1adfc0c866864fb2fbe334f667549569046805dc4731a7ddbb6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Sep 2023 18:26:43 GMT

GET
H3 200 cta_EN.svg
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 2 KB
670 B 27ms
26ms Image
image/svg+xml 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/cta_EN.svg

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccc343ca9a048a16a07d5ed437ceaae818ff1534f526d8e670e082ba5c87bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 18:26:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 641
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Sep 2023 18:26:43 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 4 KB
4 KB 25ms
24ms Image
image/png 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/txt3.png

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

102ec4aba2c8341b0ad5a8a480ad60d74a2a337f187ef09ae95eee4349ad2559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:28:24 GMT
x-content-type-options: nosniff
age: 538395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4097
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 15:28:24 GMT

GET
H3 200 txt1_legal.png
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 2 KB
2 KB 24ms
23ms Image
image/png 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/txt1_legal.png

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16adc48c5a6e36fbfe0dfd6318cf7fd9e173a9822dabef77075f1eb5cbe7f51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:28:18 GMT
x-content-type-options: nosniff
age: 538401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1803
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 15:28:18 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 4 KB
4 KB 33ms
32ms Image
image/png 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/txt1.png

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaffd8f840a28c06b23cdfbd40aac37922c86c1ee7ec2c121cef61c478378391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:28:18 GMT
x-content-type-options: nosniff
age: 538401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4104
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 15:28:18 GMT

GET
H3 200 BG.jpg
s0.2mdn.net/sadbundle/3741090457089398301/ Frame B0AC 73 KB
73 KB 27ms
26ms Image
image/jpeg 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3741090457089398301/BG.jpg

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

614ca86cb9f3c21ea92a92cbfef4d4afc6b658a7601da84ba71898daac7da08e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3741090457089398301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 15:28:18 GMT
x-content-type-options: nosniff
age: 538401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75119
x-xss-protection: 0
last-modified: Wed, 11 May 2022 18:55:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Sep 2023 15:28:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9A9B 8 KB
744 B 36ms
35ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500

Requested by

Host: secure.jdn.monster.com
URL: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.jdn.monster.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:13:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 21:01:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 21:01:39 GMT

GET
H2 200 adimage.aspx Show response
secure.jdn.monster.com/render/ Frame 9A9B 2 KB
1 KB 18ms
18ms Script
application/x-javascript 13.226.39.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jdn.monster.com/render/adimage.aspx?title=jdn_script.js
Requested by: Host: secure.jdn.monster.com
URL: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-45.ewr53.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c723301d606d156cb85e99d13b724265ea62124af768d54decfa9fb6195e1731

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:08:26 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2017 06:26:41 GMT
server: Microsoft-IIS/8.5
age: 49993
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: EWR53-C2
content-length: 839
x-amz-cf-id: NHkKwe3BToNK1XhKyIQ3jaMufEN90gIQjHJL3JUcy8eQV1kmdxAUpA==

GET
H2 200 m-logo.png
securemedia.newjobs.com/global/img/CAN/ Frame 9A9B 19 KB
13 KB 126ms
20ms Image
image/png 18.164.124.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securemedia.newjobs.com/global/img/CAN/m-logo.png
Requested by: Host: secure.jdn.monster.com
URL: https://secure.jdn.monster.com/render/adservercontinuation.aspx?a49ab9d8-f708-49b7-8941-38759d487507~728~90~1663621299504~0~click;https%3A//googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC069FsdgoY8K0MoGONeb6ntAJ4Jfsgmee8rmQtQ_AoZvTiCsQASDqrrcnYP3oooHwA8gBCagDAaoE4QFP0KQONRLFmXBWv2Kh6Z31BGdqjIGFg9xZQgzzWgBFdkjGgdClY4DAjVxgIpfmGd18ZwyHBHfdkNPEhzJYSxIYtHLppVDgXtslz1k3WnNXMfcoQfSCCxOCQYNn8qfA1m5_Kedg3A5yVMrdiyd3wIf7_tXd4slM5mOCrJykl4ddTDldH7wJ6jZfp7QHPR6Z7e9LKcho4mJiIv1WWtGt21W0YOoFrXeLSXgfikwuQGI-OZWTEdmzn5vP4AGEfHD7uGOrymwKZeMVvox5n5AF8HeaJ7PHugIxKFudhj3FRCFZPa7ABL7hh_7xA-AEA5AGAaAGTYAHsMClgQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoBmAsByAsBgAwBsBP53bEQ0BMA2BMK2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASBORo6aE%26sig%3DAOD64_3K4eeYwn2g5-Pjoom4nDXAHy4J4Q%26client%3Dca-pub-7219829351026140%26dbm_c%3DAKAmf-DCkIxYTtslFZ14eP_nQhZfimOswndTuk6mcGrIJs0bptG8KS7iE0SDJwU3ZbPW_py_fTecmzPE5OSseMn6gJuukc_c5oUyrXd_BwZmvHc7PIn0uCltmvfqbAkgU2_aeRn-lV7wPuiuHDqkMdvsQGI6FkOuwOWsjmbRdIoRrPNIGHHBNJ4%26cry%3D1%26dbm_d%3DAKAmf-BORrXbypswx3fhnuWytTOFRWKhN2B18rGouOXW6mjOJqIqHKge3uoB8vb72QvkJnPxmr49qtvu-j4A4ybuRjjwiDfuzYYL7aB4VxEihVBTzkzEh9ru5IXGkcxqSkf5BiT_isEUbDH777aoUi4-_Wx3_EUdJAWOESQyOJ25syKJ-at3p2tWYBjPfcWKCazXA3P-73TCL4f_DgwF8ex6OUFlLE6qB8kreTr4xJxzsFh0fb9PVvF32d43dzsA9KZ49Bv4yHaIkTuGebyM7KRn5eIzjnI716Wnu5pZDS_-_N14JZ-sE_lFLtNosr9FzxvpLZgxhEZ9ELpDavH87V0YlVbhdk9phPgfVtS6G4FQTnq6eAdy8ks1IvG8dauCp8l1QyoBMN8w9Ay1euxS3j67OfH7GO3XpomUG-D0F5Ze-afkuYdZmBmB03xBQsD6I1kIZRXR6Gf_yT_ACH3R9KKqKwy5czWChv6eBvCuN4NxDxupEAlJKreJ5L1kFWrZjaUNQpXpslHcRpuDw47XNRVLyaxzR8rUpXelWrfy7UKM3vcQftIi3vU%26adurl%3D~https%3A//googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-7219829351026140%26fa%3D1%26ifi%3D10%26uci%3Da%21a%26btvi%3D3%26xpc%3D07gh2U2QMh%26p%3Dhttps%253A//suip.biz~
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-73.jfk50.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4575bcd35c4e95871cfa351c70794e15aa3cc5f02f4d48e056e1e82928329db5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://secure.jdn.monster.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 07:07:03 GMT
content-encoding: gzip
age: 1605276
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 12436
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 02:44:30 GMT
server: Microsoft-IIS/8.5
etag: "d154b6ee24b0d71:0"
vary: Accept-Encoding
content-type: image/png
via: 1.1 ad2d59fb6f7c4118dea14b5b7a9a1658.cloudfront.net (CloudFront)
cache-control: max-age=31557600
x-amz-cf-pop: JFK50-P7
accept-ranges: bytes
x-amz-cf-id: vOoNQYDRwH-3x8wcMcJcpMmkl7TbZ9Ih4UuI44qE-xpu7Nkb3iXBVQ==

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 67D3 36 KB
16 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 87C0 36 KB
16 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6CE6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
56ms

Document
text/html

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:40 GMT
expires: Mon, 19 Sep 2022 21:01:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame A952 36 KB
16 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8256 0
20 B 44ms
43ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdN7HsdgoY7LrM6-LqMwP2c6ZoAYAAAAAOAHgBAI&bg=!7O-l76vNAAZqQh0mSkI7ACkAdvg8WsNgnB65texwwG3fjmjN2kRRachnKWMJY2s5NODpFqHYLXvxBQIAAAGEUgAAAAJoAQeZAt8ghqipmb6zU8rcT6sMWrDemxDkCZcPUpwXTUVsYhy9Kcspd4EsonpTIgq4SZ4zqTewlvLhyH0evb5QjrgZrUKspbKh6cSEKWZIHuuzdeij2C-2UkZDzFgzEcYGdCJIguHwRmLQA8aRhtUfQuixfAwxUotd6DfFudHo3qqhpMko5A3wCQ47pJ1e53imRLBFRhydszH2fuAjgHWOfV9qk6wkTjo3bLo98oEm4qZMi1CO6qQeosCT8fPqHWoZr_Kob-N8DPoMoi1hSPsQ73Yd_Te29v6CcRkOxC2SOIGfpCNoYeYfvvLG7sxhRz05fxe1z7Ec7qfh_WiYEaQEv5D4dophP3tBhoAKFsBR3gOw2NmhNkIUBRt_5_zMOM2nBkVU60sQM2ACVyFxujBk0voxo1yg8OVuX3LqmqtVfriObJUgIy7xBuPB9qkiz43DtlDdBIaAL8EzG46Dxe6ux60_-0KJwZxTPL42ZSOCR7SuVEr-cGQtfdtTKwbGXtHKAEgTQDxy5JtJnoeyCxJw0e56m7_97pH1KvfJSWoogpFbULgS0T4y3dMT9uKkNd0N0xxJisCESrPUmlN46ueNthTEqqSTPQhwsDLmyqW1JFPTRIJt7XZiwoY-6i02862p4TUiboBJBFcdcCGkdLrLZSPeYelST3xjDY1uMEKhSRUbKN6oOHkzDry6lvmttMQShOazK_Uw8cjBJclrx0gTjXEllf-EocKLBqH7-pFBdUyFeFqNNZCFRYX0h28w6prvCRbQpPnz9a1T_p16hKh1LRyFEGr_Tog0sYxdU5BWtL-AKPYPzMbBNpBiIQR4Jn7RGkss6iB3Olydkf3kuHQ0-HcyZaEJmYbj1R0Hw7VwIYJblzvZvMMWNVMYEq8tjJ05En5AJCWtTX8T8IIAStDLvLSVcdUzeUAaF--w8UQDR5dkWaP6_minhzrtd75XeKtHMErPop2Mc8pR0E0WcYHHJR_DPeU

Requested by

Host: suip.biz
URL: https://suip.biz/?act=urlcrazy

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 354F 42 B
64 B 38ms
37ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUZtmXflioZostbOr_11QX0JhvUqUJv2TEDnuwOgSk5jq3ymdhNHbZ6hs1zmdtFkj7_Pzl88mcTFdOaOS-bt55d1PoeoXvB-L0h7t_Hm27sWGdYAvFA9J7rM_J2S6OMg6UIqM&sai=AMfl-YSPqCe6O1kY0WoBOu5t0StK5qqhdRnBFcjjKLw8d5KGo74R8WWYbqUCBWj8q-lOAZn6RZMXhx-8P_XY&sig=Cg0ArKJSzEYggSLNyz4HEAE&id=lidar2&mcvt=1022&p=0,0,280,760&mtos=0,0,1022,1022,1022&tos=0,0,1022,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=22&adk=965596250&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663621297792&rpt=1147&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 46ms
45ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aabf1299026667a42f3fdf47848de7e78f76ac3bcf9a682f571464d1b4717bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 21:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11087
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8262 42 B
64 B 38ms
37ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssa024S74H3EUSQf2hrDd4yPZHpcj_U5bUtoW-9vV56jDVX6LXDb63v4T2TCMerBPojPsbuv6F4xi_GPidHsA-kpnQSlGz_aiE4SxxE_j5hadna4prQhTJXT6FWreJRrZHJFeo&sai=AMfl-YSmiVr8xAP_G2DiOPtPGT43_53YSGM4ON2_IlG5MuknSkhKfPyN7pVrneAUUyj0PhggSPb2_YxIpneP&sig=Cg0ArKJSzDNfOuULh09LEAE&id=lidar2&mcvt=1008&p=0,0,280,1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1676129346&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663621297762&rpt=1289&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 21:01:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67D3 0
20 B 40ms
40ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc21-stgoY6qBIe6doPwP49GhGAAAAAA4AeAEAg&bg=!6-il6KzNAAZqQh0mSkI7ACkAdvg8WhYJtjUKt5Dol713HPvffCPY_UlmWEcLNfdHzoprBShs7yE2EQIAAAD8UgAAAAJoAQcKABceluRSFPc-iEhQd60iCn-Y8DyU_uU3FZkC6JgFmhI0wrn3nulEx4EqVW4BZnPlMQA9Mstmm7537gtRRx4rpb0dMsHgKwiBUdtxHdITpk-amOe_Vx--YfB9xrxb4D3KmHtko9D4UpRL9cwO6QlMm61cogHv57yw0jl0aXEyFHfvTymDsxf3YZsxP845JTYjS1mOR1AaBksxso7ZAshZRC8_f-Dt3Keo61KPHFXVRCKh7k4bFVYrk2X1V2S8YIQdF7C4uezFjfCScefnOT7tGoz0OZScXNF6VqVulze4mRuzE3BA0kzGadPTFVejdNFzK_-jbVYfoUT-WGKkZ4OgHaMH2asPaRKtDYZvY8wTrT_Vnvg3RCo5h1I5Yhdj6RNf2yh7P14ILox6xS5AQcBLRTz0lYZAWH4V-f7XP_Tioj0YYnxrpkdDthOMu3v3733Zuf7QHWwRB7F9Bqkf4vTW2dQ6cpT1BCXQBYbAPNCzXccjxBm7U4SoA7Do9OhXUgZ1oUh11brTr3q-JcwTF3MpUWQjfOBizryZDOJMr61OwD0ICFssjaXRF0aI2Qx8keN4FfNgJcFjLlxEm5urVj75CNct9uyUwoSklwZY4RiAK6hF8qzCrR4fEANwdMsoxfYUjdI71QkvHN8x3AOQtsw4mGhp1HxJa8HS8YqtjJT9dmm1AvIcy_sDFIdXhsDUhHi50EPUH4ROZRFBvGYakLClEK_Oi0zql41XE0TEaHe0Zt_Pd5oowVrPVsejqMARQIEXdp5khAGa_GBWAjXylGBpsbVkfL65-T3eqNszAipUwqB2wX2Q6nnlPw9qZ_ATJsMhjMP0jCJMab1yois4I3uGJ2SNXpsTxF88DugOSuVScVWcriNxy7Xt_Odngdt87kt6ftnnhGKU7O55f_xV50PA2CiC33dc4t5PzDDE22fwkxWetxD6dZnoAZ-zsDMXinhKcHf1pPqQ0tDNReRnZsVG4L2HUCjWAWssOpmKoCRPSzZYDVcwiiXlXo7SFIuin4A-8laOTQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 14C0 13 KB
5 KB 22ms
19ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 39396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:05:04 GMT
expires: Tue, 19 Sep 2023 10:05:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B99A 783 B
535 B 87ms
41ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41fc5f1dd4b9e0c7c9bdc122840f29316e026903d29075f0a25e5cc0277e1f48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-syh0AA7W5JQ63eMnDil9lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suip.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-syh0AA7W5JQ63eMnDil9lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 21:01:40 GMT
expires: Mon, 19 Sep 2022 21:01:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87C0 0
20 B 38ms
38ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-ay0s9goY-vpEJHbMLaDlZAFAAAAADgB4AQC&bg=!iomlic3NAAZqQh0mSkI7ACkAdvg8WquHPHyWAfGXwG9aCxXkTsVIa8gtNVT-wFwOlUJGvptlJhCkAwIAAADcUgAAAANoAQeZAuP2emXxbtb1qRgHXwVW5Rbb4oNvO3vP2yeJnIi2HlvkiNI8PyYTNmfSWD5hZ0puo8wP0yiapW2dLN9_dd-F7-l7RdRKCP-MzZfQUcSq5AQBhZHZDnj97DQgvc6IJwKt70ReCdwYzNc5n5lzJdEpdZb_Q3ENNOoc0imVgrVvofZJfhZtBV1vxXGNCTkuSAa8F_NVE-GdNNHYyuYCa6v9UV0TLVl-WcsOyHlTVAliB3xztdeYscFPuBFeOHZnjQ3Ci8noDexRxRsuqGJxVLFnZ0wCxFrDg7JJQrDbi5wpcO7vQ-iYwYUPieaZIpzYjrzJ21DnMUsg-Dm9ZEkQz2bfopU2asY7RIAPD2Nbn_C6i1tnHJB1RmJxyr2yh1yR3c3HB4UU2yJEeeZzShM7x-gOesM3lOsYDP1MjtRRcO5_xV-A5Dmdiu0UFIg0k8Zco61dJSpkWVQqyCToY7AB-u440fSJYHudrJrIzjiOD6jAjU32I2JQ3vKUn71ezF7_9bs9O_GSYRpqjNgOJ-1i5y4G14tUg2AmsFHJ2LwpQaU8CWdwsDxaPrT1DgCGYmObF0NnatFh94dBugTYMDdVTslKZQC8-vsEXBGG9jRfhePMFkGk8PSHJ2tuMLl8UZAbS-m93F9sgXOFbTOns6_WgNC76xOzLzBg76QKNIxFfUOj2eUkFlOTwv_10PyXmHAHZTpS2ytGFeqhyYcBVmVjNYBi3CxMinHlQ_0lTnRlA6AjyYiB44wO784st9qVUVti0HfVmc78IG9V4hSDeqAsN6agyBW5J2iSwcn7PCllJa_UZx2fJjT6ibdcNOJ7OZfYD7hUdsXAcCi0TCG2Kzcb7230gI7F4IH3xnK1fvaayyV3kK732zlvLh-Xvn62L-4tqHQbGTKL9fqdrZVv4_bhwTnQWNqxdYTyKOaDq4j8JCReNpf7vNSovYyWJBFP8gsncJwtsCFIRXwrQpRWy4zDfFRqO6UEKNdI

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 14C0 36 KB
16 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 19:19:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B99A 0
0 34ms
34ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=2952893210557378&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 14C0 0
11 B 19ms
19ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xtvahg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:01:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D2AD 42 B
64 B 37ms
37ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTYyFo3phzGRJjiLnWW0JEv3tH9EQzhms5VbaHM-8HeNJiUbvO9YAsI-DTOWppphaZKZImcwniHtrfSzVMbWth3AiXg2zIJ7bLh0G4cHkJKofQ64Gw6ztx6zALTj79Ej9Oup8&sai=AMfl-YTkJBMEVLs7q1Cgz4xTosLNd3xLdlsS_MpXCAqwJ4tWWygJudTRSM-hk0mULuVsqKskGrcgG6OvFVqA&sig=Cg0ArKJSzNBqZxuLWjTJEAE&cid=CAQSGwCsnQUx24xzNvOQykNiYY9B-_Je70W5BvDyTxgBIA4&id=lidar2&mcvt=1000&p=0,0,280,760&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1667284340&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663621297780&rpt=1493&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 37ms
36ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=2952893210557378&bg=!-fql-r7NAAZqQh0mSkI7ACkAdvg8WmYcVGyYcmtMFCDxTCsuFiYyT1SQqHvtZ8A0ks33mLjiULYWIwIAAABVUgAAAAJoAQcKACa1ER7DlJObB0bh5I6NxQM9-7uW_WMOq2vLHcMnNYwtl9eOA4a-KJkCmxqmwLFPfiwGQVCY7_X1bqtCjkfrM7KX11mKyVlW4H_e2OP9POJsUodSJJFkW7BN6SaRnQTKACeV3Cpwi7zEeK5sYy65yI8D6ok35jibGDhNvH60616Drb7hEqmtZf9Nw_b6RWKrZ9M7iQol002q9wYlRgl4LlChIznNX8jwdvrLaXuY7BQOjEXb8HDrgeZBPoLf7vjTHy7hP1dG6-p9oLecKikc59U3pfjD-kIYjXISQ1cyJJWbgfp07tPwjaNaYe1xD4ZG-4Q3HFnB8nrfYpuoLkCM0wF0PwVHk_dxU3vE9uCLOThaRNnBiaBSbmanol5I08MGKwBDSVNZnPNcclec0g1Aeyzmgs9dCdPCmR6FmzgcoTbnV3e90JtwLYjpEimdKpEH275jBTS2V2i_oN__4F8vYKAN6C7VumFTp8ZxjyxaZldI8iuIK7x6gl_QyhKoAojFbaMt4g0rEaFP-ZBU47KgIdRYgo0L-BzXZLMuxtfdw03hQd941EcEdjrQ5tDzpZeOLN60zU_ICCqpkB1unbNAYjOG2qk0qlk9AYWrb1PRo_3k5Z4ec-IqbdAjdqpoaCe9GDIhTxafriQNmSr3eMt7XE197uFWYVDYN9ssDoadWW5BdfJQ-PeaFQMN5CcJLRQK3xpIfeApNlR4Xf_Smdkj-pJM92XewTLblWadjLPlqtvhU75AkMnVtCascLJBlzTamow9gFjcQP2j-uwsS6V80qT3yef95lyeFW1pSoZEm9C2x45walZ2pjdppJgZ9QKtLewDD1WBkmAnQsReGt9TytacCNf5hZqPqqEG03LDnDsnpIchjua4xSuKp3MWYv3B0Bd54PoSWxzd16GhS-05z4FJGa5DpurZPyab2es78ATSLP_YNjM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://suip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 65A4 42 B
64 B 38ms
37ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgOK7G5ZEZIA6CQ974G1wDtu7f2f9TVXPBJGrSwoHi3nt3-hTyt9ocW_J0Lh0eZoCUuC-RIUiRLwcnUFa4dwGJBAcWHjGYgkMORkM6rbxgX61Ui1KrZZQo7w&sai=AMfl-YRsM3akk7zIZiNc0F0XdzqOf8trdBD0KLxfeluMiQIYKeEwpnmXF36ZgJf2lCi8CvoSYF-GrDGrz81U&sig=Cg0ArKJSzO88pqxncVzAEAE&cid=CAASBORo6aE&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663621299232&rpt=648&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 35867470 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 468ms
184ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/35867470?wmode=0&wv-part=1&wv-hit=391129539&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&rn=161224906&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663621302%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220919210141%3Au%3A1663621298871647716%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Awe%3A1%3Ast%3A1663621302&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suip.biz/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:41 GMT
last-modified: Mon, 19-Sep-2022 21:01:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://suip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 21:01:41 GMT

POST
H2 200 35867470 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 144ms
143ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/35867470?wmode=0&wv-part=1&wv-hit=391129539&page-url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&rn=148851045&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663621302%3Aw%3A1600x1200%3Av%3A882%3Az%3A0%3Ai%3A20220919210141%3Au%3A1663621298871647716%3Avf%3A2ofv6mafcjlnitth2n3s3c%3Awe%3A1%3Ast%3A1663621302&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://suip.biz/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:01:41 GMT
last-modified: Mon, 19-Sep-2022 21:01:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://suip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 21:01:41 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.suip.biz/	1970-01-20 15:43:01	Name: _ga Value: GA1.2.973924687.1663621298
.suip.biz/	1970-01-20 06:08:27	Name: _gid Value: GA1.2.714925092.1663621298
.suip.biz/	1970-01-20 06:07:01	Name: _gat Value: 1
.suip.biz/	1970-01-20 15:28:37	Name: __gads Value: ID=cd1eac2177deb953-221d5f0242d70054:T=1663621297:RT=1663621297:S=ALNI_MYvO0G6xJh8YzZdUI_Bn_GTjogLbA
.suip.biz/	1970-01-20 15:28:37	Name: __gpi Value: UID=00000865269f067f:T=1663621297:RT=1663621297:S=ALNI_MaiFh3rQj-Fbj_xqSBbliMcLEtyoQ
.doubleclick.net/	1970-01-20 15:43:01	Name: IDE Value: AHWqTUmyqX--Dsvhlp3_EWQ57Zy6nSLtRTQG--pNfuw5eAQbo9TqyZ6EwjSF1ybuCLM
.suip.biz/	1970-01-20 14:52:37	Name: _ym_uid Value: 1663621298871647716
.suip.biz/	1970-01-20 14:52:37	Name: _ym_d Value: 1663621298
.yandex.ru/	1970-01-20 15:43:01	Name: yandexuid Value: 1483842791663621298
.yandex.ru/	1970-01-20 15:43:01	Name: yuidss Value: 1483842791663621298
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2423327941663621298
.yandex.ru/	1970-01-20 15:43:01	Name: i Value: s+SqQu/OZMmXUGCaGDdOy2NZa0UgeW20zRgzgBcV4y9k2JW/CBhqjB36I1AhHXdfMQhULuwjxJgd7jpFs70GE2Rpq5o=
.yandex.ru/	1970-01-20 14:52:37	Name: ymex Value: 1978981298.yrts.1663621298#1978981298.yrtsi.1663621298
.casalemedia.com/	1970-01-20 14:52:37	Name: CMID Value: YyjYst7aQOBuk2-0HGMlUgAA
.casalemedia.com/	1970-01-20 08:16:37	Name: CMPS Value: 026
.casalemedia.com/	1970-01-20 08:16:37	Name: CMPRO Value: 026
.suip.biz/	1970-01-20 06:08:13	Name: _ym_isad Value: 2
.adnxs.com/	1970-01-20 08:16:37	Name: uuid2 Value: 7379060558986390625
.suip.biz/	1970-01-20 06:07:03	Name: _ym_visorc Value: w
.adnxs.com/	1970-01-20 08:16:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>iFUH1!]tbPl1M>e)ZlrFUfJ+tGXxoaOY`:4[-00tSdM6`XSH<#X#kZC_KBYcQjFAj3If)y3KL9D3I?+M*+C[J
.casalemedia.com/	1970-01-20 08:16:37	Name: CMTS Value: 028
.demdex.net/	1970-01-20 10:26:13	Name: demdex Value: 10692404082760926231366769609078248034
.openx.net/	1970-01-20 14:52:37	Name: i Value: 011d2ba5-b552-459e-b5f0-b53786aca0d5\|1663621299
.scotiabank.demdex.net/	1970-01-20 10:26:13	Name: scotiabank Value: 10692404082760926231366769609078248034
.teads.tv/	1970-01-20 14:51:10	Name: tt_viewer Value: fb9d3f8b-ba84-4cb4-a164-24b3b7d871dd
.doubleclick.net/	1970-01-20 06:07:04	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=8529915318&adk=852033020&adf=2953108972&pi=t.ma~as.8529915318&w=213&fwrn=4&fwrnh=100&lmt=1663621297&rafmt=1&psa=0&format=213x600&url=https%3A%2F%2Fsuip.biz%2F%3Fact%3Durlcrazy&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663621297624&bpp=1&bdt=232&idt=192&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C760x280%2C760x280%2C760x456%2C760x280%2C213x600&nras=1&correlator=5277382321907&frm=20&pv=1&ga_vid=973924687.1663621298&ga_sid=1663621298&ga_hid=1003148374&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1246&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44768832%2C31069177%2C44770880%2C44771548%2C31068921&oid=2&pvsid=2952893210557378&tmod=1221228566&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=d2jsbSqjps&p=https%3A//suip.biz&dtd=196 Message: Refused to execute script from 'https://scotiabank.demdex.net/firstevent?d_event=imp&d_src=203093&d_creative=171254377&d_campaign=27601933&d_placement=334099608&d_site=3375178&c_advertID=6105104&d_aid=6105104&d_bust=3563498865' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
scotiabank.demdex.net
secure.jdn.monster.com
securemedia.newjobs.com
suip.biz
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
13.226.39.45
142.251.40.162
142.251.41.2
18.164.124.73
185.117.153.79
23.195.101.76
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2006
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200a
2a02:6b8::1:119
34.98.64.218
54.186.7.121
68.67.160.184
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1009b3396f4b21a600498df1df532f4485fc82c1687ab1d49389746dd11ed8f3
102ec4aba2c8341b0ad5a8a480ad60d74a2a337f187ef09ae95eee4349ad2559
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128a2a30bd3c13c715863e575195d93cefffa34b7dc2394e9d516cec7b3bf321
13802efcfc08dc502a436129df69861fd023fab327060456a994161a4521d859
165c8946a273add486b0c2a085108fca2503f44859c5a22c7a5e2b1f247761a7
16adc48c5a6e36fbfe0dfd6318cf7fd9e173a9822dabef77075f1eb5cbe7f51a
176841cb40b36e1aadc272c79f082b686852d1647ee6eb7575989bd797fadd38
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b744aeeec8c3bd4574c37d961a52f1ce1c3350a497084a822750581f2dafb2d
1bb862f0a976cb5d8cf85ff6db4ebd7b7cfa73c8479bea772a4a006b712f0a47
1c48decfa43192de394c8007ac08e18d92bc4f7cca27d1d9f3eea845c478627d
22a97c8c5e7f9fe21412e38054dc4d9574679a2406e5c4699a6286eba64a5972
23c342c7c7f09cf0945f576575fb280cf9449112dcdf21cd969476870b012064
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a89baeeddf42182b6b6847f1ad6f45d2c81457c4970ed9baec3be9e44d84fc5
41fc5f1dd4b9e0c7c9bdc122840f29316e026903d29075f0a25e5cc0277e1f48
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
43d32cf46a6c5287996c92c8e60d367b6cdf01186027fc0281dabedeffccbcea
4575bcd35c4e95871cfa351c70794e15aa3cc5f02f4d48e056e1e82928329db5
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d4c4f20a3fb8034098760b7fb582cb302da9ecae2fd8eb858c5ed7623ac23bf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56822befb650282fd19e954e453d3faf3fe0c477213610a9f58e969e1604ca9e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ddc0a3284f1a1a3c2405d8cb0fe99c9df921fd44b846d503d8a05552b85c25c
614ca86cb9f3c21ea92a92cbfef4d4afc6b658a7601da84ba71898daac7da08e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b2adb58dec126d30904f23f5492657890b4fb76843b979c4d6a051d29a36b50
6ed627c7b06f88a52e594847bbc054a082b03ce7e08b8a02433e40b32b51d8cc
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
7bc5f1654dfd8b458e5148b5eb32a7d40b48cf97d4420bee3eba7bed1db1850e
867b0484aacf21de70bfc23c0836b729e6cf92720f4486917d1761adc66037ef
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
88b0135cc0f1adfc0c866864fb2fbe334f667549569046805dc4731a7ddbb6bf
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eda605551b01686d9a6102289246a7a3dc194274d8e0a2a1cfddaf23b4bd367
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a42fc8f61756ab1ce8adb942b109457b9950895c479bb7ea10b7979fc966bda
9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa43001c2eb32f850ddf77096f4e3e78255e8eafc5d41f28b4d06632689d79ef
aabf1299026667a42f3fdf47848de7e78f76ac3bcf9a682f571464d1b4717bd6
aaffd8f840a28c06b23cdfbd40aac37922c86c1ee7ec2c121cef61c478378391
ad10155b9ba7b76bed168f3eac4d8cae445a01b44faa3e8e5705391d3522a0bd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0857e2ca9f82dccf2c8a2953a4de4d52e9fb709e0b626a2ccc39c6a7208c9fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
bb8013fc433650a8e86b28460667840984e2db960ecc982b0427750904d56235
be61c324c5ac0b8be4515353ead2a7e509dfec0c4880c85fc0c0eeac252183fe
be9be289df4afc43e86733d2bbe028767e24b4840fdcc938e72db1fe0f71744b
c0a4952651ae41a356f54d660c0f831c3ad5c7e318796ff104be9cabec5da4d6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c46f1e2bb79a96203c8a690f4e38304ea6103900b2659e97f991470d5bdbac10
c4ae9fa408a1d6b00552c238cc5020ac1878b11ab76d7334b2197173217ae7be
c723301d606d156cb85e99d13b724265ea62124af768d54decfa9fb6195e1731
cb839c287e567ee4da2221d4f4bdc486eabf7845775d1d1dfcd6903b94b33eb9
ccc343ca9a048a16a07d5ed437ceaae818ff1534f526d8e670e082ba5c87bd95
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d5b3c3baac38f92ca58c397f8dfaf014446a08934aed22df8bf61d63e6fd6565
d79a6ecd4efd42d22e2a124d4305a7cfce8c84a9c022160caab2d4ddc3be603d
dfc3e667bef10e8d08a65fff0c4e9f0553c309651a20224e526a492ed7b8a8ce
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e68f69aba735276e37edd52201cc5d5d1df9357c69128ab42becdefcb53f61d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1535199f71b96d423d3f991a5a0a92ca5779e74d2e23a509b5022ef347129a2
f573faf89538cca952685c9aedf3791c2affd3bfb757228b95766b7a3f58926f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb288898820f3c0d6cc74cc0ff39c5c5aa97c153dcd4e92a807c2f7352755763

suip.biz Open in urlscan Pro 185.117.153.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

192 Requests

95 %HTTPS

57 %IPv6

19 Domains

24 Subdomains

24 IPs

3 Countries

2236 kBTransfer

5174 kBSize

26 Cookies

3 Outgoing links

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

suip.biz Open in urlscan Pro
185.117.153.79 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

95 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

24
IPs

3
Countries

2236 kB
Transfer

5174 kB
Size

26
Cookies

192 HTTP transactions
8 data transactions