urlscan.io logo urlscan.io
SecurityTrails logo

heb.kyhistotechs.com Open in urlscan Pro
104.21.6.58  Public Scan

Go To Rescan Add Verdict Report
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Submission: On May 18 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 9 countries across 59 domains to perform 499 HTTP transactions. The main IP is 104.21.6.58, located in United States and belongs to CLOUDFLARENET, US. The main domain is heb.kyhistotechs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.
This is the only time heb.kyhistotechs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.21.6.58 13335 (CLOUDFLAR...)
35 151.101.1.195 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 143.198.248.128 14061 (DIGITALOC...)
1 1 46.4.91.20 24940 (HETZNER-AS)
1 205.185.216.42 20446 (HIGHWINDS3)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.216 39134 (UNITEDNET)
15 43 2a02:6b8::1:119 13238 (YANDEX)
25 2a00:1450:400... 15169 (GOOGLE)
9 172.67.154.248 13335 (CLOUDFLAR...)
1 213.174.135.25 39572 (ADVANCEDH...)
42 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 213.174.135.24 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
38 142.250.181.226 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
64 2a00:1450:400... 15169 (GOOGLE)
5 35 2a00:1450:400... 15169 (GOOGLE)
7 15 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2 209.140.149.182 11643 (EBAY)
2 184.30.25.27 16625 (AKAMAI-AS)
1 4 2620:116:800d... 16509 (AMAZON-02)
3 3 159.253.128.183 36351 (SOFTLAYER)
8 55 142.250.186.162 15169 (GOOGLE)
4 66.155.71.149 13768 (COGECO-PEER1)
3 3 35.186.193.173 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
2 2 13.224.95.123 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a05:d018:24:... 16509 (AMAZON-02)
4 213.155.156.183 1299 (TELIANET ...)
2 2 35.186.253.211 15169 (GOOGLE)
3 4 18.197.47.23 16509 (AMAZON-02)
2 4 2.18.234.21 16625 (AKAMAI-AS)
4 8 2001:678:cb4:... 56396 (TURN)
6 7 37.157.4.24 198622 (ADFORM)
3 4 3.126.56.137 16509 (AMAZON-02)
2 172.217.18.98 15169 (GOOGLE)
2 2 185.29.135.226 30419 (MEDIAMATH...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 18.158.81.184 16509 (AMAZON-02)
2 13.248.242.197 16509 (AMAZON-02)
3 3 52.28.196.155 16509 (AMAZON-02)
1 52.73.9.252 14618 (AMAZON-AES)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
5 5 18.159.187.109 16509 (AMAZON-02)
2 2 35.190.0.66 15169 (GOOGLE)
6 6 104.111.237.88 16625 (AKAMAI-AS)
1 1 185.86.138.132 201081 (SMARTADSE...)
1 82.113.101.132 6805 (TDDE-ASN1)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.111.239.217 16625 (AKAMAI-AS)
3 46.236.13.147 24931 (DEDIPOWER)
2 13.224.95.108 16509 (AMAZON-02)
1 81.29.72.47 24931 (DEDIPOWER)
2 54.72.18.9 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
499 55
11    104.21.6.58 (United States)

ASN13335 (CLOUDFLARENET, US)
heb.kyhistotechs.com
i.kyhistotechs.com
kyhistotechs.com
35    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
site2text-2021.web.app
bk.jampartizan.com
9    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    143.198.248.128 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
lib1.biz
1    46.4.91.20 (Germany)

ASN24940 (HETZNER-AS, DE)
cst.wpu.sh
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
cst.cstwpush.com
5    2a00:1450:4001:800::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
43    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
25    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
9    172.67.154.248 (United States)

ASN13335 (CLOUDFLARENET, US)
i.kyhistotechs.com
1    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
na.nawpush.com
42    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpushsdk.com
script.clickadilla.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
38    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
28    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com
64    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
35    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
15    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    209.140.149.182 (United States)

ASN11643 (EBAY, US)
PTR: rover-web-public-1-3-lvsaz02.ebay.com
www.ebayadservices.com
2    184.30.25.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
secureir.ebaystatic.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
55    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
ade.googlesyndication.com
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
14    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    13.224.95.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-123.zrh50.r.cloudfront.net
s.ad.smaato.net
2    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
7    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads4.g.doubleclick.net
2    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    18.158.81.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    52.28.196.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-155.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.73.9.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.adaptv.advertising.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
5    18.159.187.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.travelaudience.com
6    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
tracking.m6r.eu
1    185.86.138.132 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    82.113.101.132 (Maintal, Germany)

ASN6805 (TDDE-ASN1, DE)
portal.o2online.de
2    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
3    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    13.224.95.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-108.zrh50.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
1    81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
2    54.72.18.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
2    2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
w-it.m-t.io
Apex Domain
Subdomains		 Transfer
129 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
487 KB
108 googlesyndication.com
pagead2.googlesyndication.com
18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
895 KB
38 yandex.ru
mc.yandex.ru
77 KB
32 gstatic.com
fonts.gstatic.com
www.gstatic.com
504 KB
28 googletagservices.com
www.googletagservices.com
964 KB
20 kyhistotechs.com
heb.kyhistotechs.com
i.kyhistotechs.com
kyhistotechs.com
599 KB
18 google.com
adservice.google.com
www.google.com
2 KB
16 googleapis.com
fonts.googleapis.com
storage.googleapis.com
translate.googleapis.com
23 KB
15 web.app
site2text-2021.web.app
3 KB
14 2mdn.net
s0.2mdn.net
274 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
383 KB
11 jampartizan.com
bk.jampartizan.com
14 KB
9 zx-adnet.com
cdn.zx-adnet.com
132 KB
8 turn.com
ad.turn.com
r.turn.com
3 KB
7 adform.net
c1.adform.net
4 KB
6 m6r.eu
tracking.m6r.eu
4 KB
6 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
5 w55c.net
pm.w55c.net
5 KB
5 advertising.com
pixel.advertising.com
sync.adaptv.advertising.com
1 KB
5 yandex.com
mc.yandex.com
2 KB
4 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
105 KB
4 webgains.com
track.webgains.com
diapi.webgains.com
99 KB
4 3lift.com
eb2.3lift.com
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 de17a.com
d5p.de17a.com
536 B
4 sitescout.com
pixel-sync.sitescout.com
764 B
4 quantserve.com
cms.quantserve.com
1 KB
3 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
5 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
3 ctnsnet.com
gcm.ctnsnet.com
1 KB
3 simpli.fi
um.simpli.fi
2 KB
3 google.de
adservice.google.de
1 KB
2 m-t.io
w-it.m-t.io
280 B
2 awin1.com
www.awin1.com
1 KB
2 travelaudience.com
ads.travelaudience.com
805 B
2 adsrvr.org
match.adsrvr.org
529 B
2 mathtag.com
sync.mathtag.com
1 KB
2 openx.net
rtb.openx.net
760 B
2 tidaltv.com
sync.tidaltv.com
772 B
2 dotomi.com
dclk-match.dotomi.com
207 B
2 smaato.net
s.ad.smaato.net
858 B
2 pubmatic.com
image6.pubmatic.com
1 KB
2 ebaystatic.com
secureir.ebaystatic.com
972 B
2 ebayadservices.com
www.ebayadservices.com
1 KB
2 googleadservices.com
partner.googleadservices.com
577 B
2 clickadilla.com
script.clickadilla.com
58 KB
2 yadro.ru
counter.yadro.ru
1 KB
1 o2online.de
portal.o2online.de
607 B
1 smartadserver.com
ssbsync.smartadserver.com
448 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 onetrust.com
geolocation.onetrust.com
263 B
1 wpushsdk.com
js.wpushsdk.com
3 KB
1 nawpush.com
na.nawpush.com
898 B
1 cstwpush.com
cst.cstwpush.com
60 KB
1 wpu.sh
cst.wpu.sh
97 B
1 lib1.biz
lib1.biz
15 KB
0 wbtrk.net Failed
um.wbtrk.net Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
499 59
Domain Requested by
64 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
54 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
42 pagead2.googlesyndication.com cst.wpu.sh
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
38 securepubads.g.doubleclick.net cdn.zx-adnet.com
www.googletagservices.com
securepubads.g.doubleclick.net
heb.kyhistotechs.com
38 mc.yandex.ru 13 redirects heb.kyhistotechs.com
35 googleads.g.doubleclick.net 5 redirects pagead2.googlesyndication.com
bk.jampartizan.com
cdn.zx-adnet.com
googleads.g.doubleclick.net
28 www.googletagservices.com cdn.zx-adnet.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
24 fonts.gstatic.com fonts.googleapis.com
15 www.google.com 7 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
15 site2text-2021.web.app heb.kyhistotechs.com
storage.googleapis.com
14 s0.2mdn.net googleads.g.doubleclick.net
heb.kyhistotechs.com
s0.2mdn.net
13 i.kyhistotechs.com heb.kyhistotechs.com
11 bk.jampartizan.com heb.kyhistotechs.com
pagead2.googlesyndication.com
9 fonts.googleapis.com heb.kyhistotechs.com
googleads.g.doubleclick.net
9 cdn.zx-adnet.com heb.kyhistotechs.com
cdn.zx-adnet.com
bk.jampartizan.com
pagead2.googlesyndication.com
8 www.gstatic.com googleads.g.doubleclick.net
7 c1.adform.net 6 redirects
6 assets.ad4m.at as.ad4m.at
6 tracking.m6r.eu 6 redirects
6 kyhistotechs.com heb.kyhistotechs.com
5 pm.w55c.net 5 redirects
5 ad4m.at googleads.g.doubleclick.net
ad4m.at
5 mc.yandex.com 2 redirects heb.kyhistotechs.com
5 storage.googleapis.com cdn.zx-adnet.com
4 eb2.3lift.com 4 redirects
4 ups.analytics.yahoo.com 3 redirects
4 r.turn.com googleads.g.doubleclick.net
4 ad.turn.com 4 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 pixel.advertising.com 3 redirects
4 d5p.de17a.com googleads.g.doubleclick.net
4 pixel-sync.sitescout.com googleads.g.doubleclick.net
4 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
3 track.webgains.com as.ad4m.at
analytics.webgains.io
3 x.bidswitch.net 3 redirects
3 gcm.ctnsnet.com 3 redirects
3 um.simpli.fi 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 w-it.m-t.io analytics-wg.webgains.io
2 api.webgains.io analytics.webgains.io
2 www.awin1.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 ads.travelaudience.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync.mathtag.com 2 redirects
2 googleads4.g.doubleclick.net heb.kyhistotechs.com
2 rtb.openx.net 2 redirects
2 sync.tidaltv.com 1 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 s.ad.smaato.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 secureir.ebaystatic.com googleads.g.doubleclick.net
2 www.ebayadservices.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 translate.googleapis.com storage.googleapis.com
2 script.clickadilla.com cst.wpu.sh
script.clickadilla.com
2 counter.yadro.ru 1 redirects heb.kyhistotechs.com
1 ade.googlesyndication.com
1 analytics-wg.webgains.io analytics.webgains.io
1 diapi.webgains.com track.webgains.com
1 analytics.webgains.io track.webgains.com
1 ad4mat.net ad4m.at
1 static-de.ad4mat.net ad4m.at
1 portal.o2online.de
1 ssbsync.smartadserver.com 1 redirects
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 sync.adaptv.advertising.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com
1 18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 geolocation.onetrust.com cdn.zx-adnet.com
1 js.wpushsdk.com cst.wpu.sh
1 na.nawpush.com cst.wpu.sh
1 cst.cstwpush.com heb.kyhistotechs.com
1 cst.wpu.sh 1 redirects
1 lib1.biz heb.kyhistotechs.com
1 heb.kyhistotechs.com
0 um.wbtrk.net Failed googleads.g.doubleclick.net
0 google2waycm.netmng.com Failed googleads.g.doubleclick.net
499 82
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-18 -
2021-07-18		 a year crt.sh
covid19-dashboard.ivod.at
GTS CA 1D4		 2021-05-17 -
2021-08-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
10.lib2.biz
R3		 2021-03-24 -
2021-06-22		 3 months crt.sh
cstwpush.com
R3		 2021-04-22 -
2021-07-21		 3 months crt.sh
web.app
GTS CA 1D4		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
counter.yadro.ru
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
na.nawpush.com
R3		 2021-04-20 -
2021-07-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
js.wpushsdk.com
R3		 2021-05-07 -
2021-08-05		 3 months crt.sh
script.clickadilla.com
R3		 2021-04-04 -
2021-07-03		 3 months crt.sh
*.onetrust.com
DigiCert SHA2 Secure Server CA		 2020-05-21 -
2022-07-27		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
app.shoplister.club
GTS CA 1D2		 2021-04-20 -
2021-07-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.ebay.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-22 -
2022-04-27		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-04 -
2022-06-04		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-20 -
2021-06-08		 2 years crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh

This page contains 68 frames:

Primary Page: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Frame ID: 0E56C63B14D4863E60E33116BBD4274B
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: 51456BBB074AB001F5C30A0C9E2EBF8F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3dsf9el_5SW53MafG-zRDdQAxTttCR1R1YB0lBrd345p58hZOMjIC-TziZ92xP6zW-tHlVH-XpP2WEpNvODBfO4Wmn7_Hrkdr8RXfLg4lrfnjgZXxPtE_oKg3cu6QEx4DM38FClPfJw05uuzJ7yJ84HFnG1GhjgINEr3UtDjHPUmA6NFCrdAjPQuFSSaESNDluVULulskOWkO7O3dORAmG35Wk6LURe2ABWB1ac2vPeJu_vjfCyAUJ4_nZL_pH9AH6JmsZU2oPdJ4Jkxor0s7jT1HoZ61f2MRUJkVJkEbXw&sai=AMfl-YTufspFaD4kqRpjU7ZAe7q2JoP9CCksdeYR7lL960-g-ONeiM54Cv7xtb2GKiVdZF6nRA9sdThmrDRD1l09JHLhwZFc8B3vvRD8mw6jElgde4V0bia3NBeOK8IPOmU&sig=Cg0ArKJSzFaWUIy5_HQWEAE&urlfix=1&adurl=
Frame ID: 6CE09B7E8F2170EBCE3332ED769108A8
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-R5bQePmGBl8mM8zZJx-vGUPQOEYyiqw_hKSkGNAzCVeyJhjgNk0W5uOJDWkTBnghFDli3pXq8Qgn9RcbmJMlh6Ii_uG43u7DDAK7FmkacIO7h87RuHVuSmVuUpS9TaNnzgb0IpE6iQy0Z-lJRGnhTGOjtqIOWqRTF1aCNLIzRHhC5ym2L3vqRCYM3GvEPEO69_0uAQbkBQZSlMnBVoykrwY1EKFYmQVjiX-kAKgMRGoN-connPgPKBbeKpV16F161KOGgva9nQMa-IHKrcQ70tTlH_kkUlzgVzQ&sai=AMfl-YRjxof1qbDsXspCFo9wV6YpJ_xQ44pYVdEl4D29Sq8ASGuKeWRKu2d3Hon4B2CxClIA-0XKLn8C4CZGsLFfj1fxeNVRDBXM0magzqrPft_ygfFaITcd1tsUdHgvKgxB&sig=Cg0ArKJSzO2Ud8HUx8VCEAE&urlfix=1&adurl=
Frame ID: A763E99BD639B2DD907E31C9424968F5
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslvs14X-Adj-22aeG5MWIOP6N4C8f6i79iUT50DgkcG71HRrxulO0KTFJGlG_lFRolQ2OpzXOUi_2buI8HfzPqE65hJA1UhypB7g9SdjzR_qHvV8fMfXvxqDWXtHLgzPmmDUH-nemSlO-JDqDyvITpuZ-DI7wcS5E7HUb0s46lxu_UIMmJELT_P5eSrzea9ytaDNKI2u7RkJaOB7uaTYTefSmNATZxsns_TM6jkV24rcFUMJ1NqvovGVrQO1-TCGcaihMpU2HI2tvUIf2acnMlkLN-LxZp3EyA1TA&sai=AMfl-YQORoqTHaPAKRxXipp5HYMB40yT_x_oE_T3QH0ki3iB9g0Bm8IvMfP-3dE9V8xl4AMkdyJmlzpc6xyD6S7f1b1gYxX9BbGMYn8FlwJU0q3DGEOeD3HsJG1iEhdF9tU&sig=Cg0ArKJSzBKLkeBtz7hHEAE&urlfix=1&adurl=
Frame ID: 1DB706A66E5CFBFACCE1D2D38AAB000B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5w88NaWzFru-l95gjE0pZc80_I_OIfKjJ_I1XQkongvpQAps7sr632gtdfHI8GEV0afj2ICHbv6zAOJcwKpb9q5_bCluTFVzJuXjRPPfqaQx30eRnxZL4UTPnTFFR8tqJXGQHo7s2-RSRIY3jdf7uIn8ooTsdH05LXPw5TZXEMsG6EJXn-wdlW9j7EnZg6xNdFxfEW3FMwhMbsJXGtGDYT-lbfzuMxXP58zMfud4Hs-89Ok48ZwWPJoRktTpP2IxC10mu_d9iibH5lm29d2eGyVN0vHom7boAYYQ&sai=AMfl-YSzUyfA6ezSwjksx6UaNO0HkUrphpdN6Hwbww2qtQ-NXJG9R8ITffDONwcuvtX7o4GP8l7VpQNT-JE_Mo9P0YOCafOBtv2LlMKLZBnb2t8OinIh6IrFZpObi1Qugvg&sig=Cg0ArKJSzEXSXzwJgGGpEAE&urlfix=1&adurl=
Frame ID: 89B0DB3343CC08ADBA7E49B9D4D37F8B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucYj-Edn3_7mCqgHC7_MSmOoSsISqefmxPpbEgg2_tb7x5zKq0NMbGJBDXyejzvZZU-wE9grYxIhS5GMoqDY8I1TQoTQtmy3sAQ6e1FdnyFdT2ECXyUZJJA6obHdpCeaumKUp3FY9Fc-JTGisFd-wceoqTIXeJyCm9u6u31keCfUggZvpkJlfOApBJKkLn9rhBm336S_-tvtMoZaNBB6kdU_1py60V-IS4BZkLf4VPF3clANMP9QzfeGMw3dtcBZXx9mYq4ccVC0pZnStKsmMligFbY2NHabNXomQ&sai=AMfl-YRF53Rc7CbeCf1kVQRfaJMXpWQLn4T4g66pMvUtbdg81XSCCI2qhzIX3izps5MyZdnRR_IGObKfakuwKYl-13PrlEtVjfBrKIPNEXza2HGKta2EFokUmBvbddXCJ_0&sig=Cg0ArKJSzLrBuBete7HxEAE&urlfix=1&adurl=
Frame ID: B34069D7F2743F5DAB02490B96C1CB95
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYd1r-jIv9eeMQKjaKRgwTTUjxPqxu92X-svT1xGGabtY3dDLjy0JwS8KejinHoB_ejLLIrDRI0GcFUzIjYlFc4j9jJ900q73J1SMdhneacBXny9o4KVikDoIKlavIsR15I3lVsKwqbQhvMZMVD_bQs2dg1aWAHBk-ymxf_TaFIpG5_CctzLHiHLggqSKOGy1cUiEL_cppFKlqYFf4jRS2SVWkvShaV4k7RGyU_yT1d9-QV_1w56OBDej5F3hwVa0yZtKF6-tdfTiuk5lY4KpLAVXAkK9U23qo39Q&sai=AMfl-YQAU8xMT6EuU6w3EOkCYjHr6p-BUUDtM_Wte_rF66MRDe7pRfmrHHzbd0W7ae_mgIU6py9BwHzdQvLxZ8PzN0mECcpWKR8LIuS0rcTNZDaiYBWqkzwXhCiLweGk960&sig=Cg0ArKJSzHVD0N1NBN74EAE&urlfix=1&adurl=
Frame ID: C13806369AC88D878C316ABBE8CADBD0
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttxVlXIgMuzhVLdjqmfXVZCOX25esVXXufJzlw4TnruSWhKBUCb0GQ-H_Fbi-LdDh6cj-xjaX28Duv7Yp7f4hy-8xMbwX7eCmdy0anBWW-wN96BrYF-w4NXrXxuIe6xgUy8drsDlLeLAF6lyWui0V2OfaI2At7ksjMAER3EhSVn2CsVW4svGg1vsLYU12PE9Y0odCDzIW88J5S_gP9geyhHtLAsWI3ing2h_SRF58aeTcOtKD5tzlp2zOhyHUrZlMure0F1SsM8xh0XAlv4qbuN9r9nqQFEGPmIE0&sai=AMfl-YQJALqjmbbmoOottsCctDpY-zxyM0-9wkvVhTHVyImjcD6oETTewchrp76bKWawx5n2MeYXRFndxhGyDEOW0mz-91cuDPykNQ7YzVwItxBB1yrKqEwSJqaJx9BschU&sig=Cg0ArKJSzA_696RbU1eoEAE&urlfix=1&adurl=
Frame ID: 94BECD21276DB336AA7FB0223E03EC57
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueHFVYtphiBoBlwKRB9KrN6b8mxVk1MDTqkXOgOEDIFN6VLCNftcM6irFM58wjfw2zaN4Nkc5hJrQ5X47Xu163PzON0M08H3chM6k3pNOcbSY6yPYZzeKe6P4sf1LgjhQ8JFfSIbgZRvc1JI7bp1LRB4S_xpvdwEc1zKSLW_C-n-EDWHDV9L1GYWLzv-akO89L05VelrDzcFASndXvkxlaGarpf5geD8d76rfmr53LjNdhGBCXttPkPB79LeXqvpv2xQHkUZxb8Yxv_HfcexvpvAHt22Z6iwGluv0&sai=AMfl-YSt3e6DUhSrDgCzdVQGyxogJAl9crTcqCviYvpOO9bZDTtkENrgORjaUosk9SqgJFWl0zSo-BX-Yguq3TriwY4Q1oXO61d5JHR46gcHv-jxifpzN2z9-9sQ7U2BFAU1&sig=Cg0ArKJSzGo6k168-xsDEAE&urlfix=1&adurl=
Frame ID: AB4762A5A3B8FE012084C556A0AA5DAA
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaCTZzcnbmDnUoc5kDav0KMVAxg46hTtujf_PcyGZFs-HzSGNzKtr25rHdlPs8wozmbUpB8jpxVXIwtlnMv8szgBjD1K5N-IfLtVV1NWq5GpclZdyIZd5hBu5pFvlSiet5z36S9qMoQ6k0CA50lG8XRWhM2tTURg6HerG1xiqi48m_q-J1-FDLKQc_iqj5wMN8JiY3uRxhmC-PQSgvPC9UKmApwxp3sHLdqICXous83ydi0Oz9eJZgy750cZiaZbizFwneaQLz7WByF5L6iJWcTTHGOGMO0QX82TQ&sai=AMfl-YSg8YDzF96OiIQfjSeHU3vq0yRgqMPXK74TFtQXS_cKPeA4RtLbvT1hDzcFbXDdyv6RyouqOD0s05-cSx2JPcsk8MXqD-fU-7mFkJIqZWsAOKug2EN6RnXPk3NrbHc&sig=Cg0ArKJSzMexqfaHSURUEAE&urlfix=1&adurl=
Frame ID: 2A96D71867ECFF83D848C79FCD68E490
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY8FmxK8n331-PbGy6hsFzfZDp9kCc6ziXLm5M8jCE-sVdzH1QvGleMwiomFAjVjZVUvaJRL3eZKTbdIwYtj9slycAJ3PsyJrndmWxKF4sM6LmpdYCXLjgNI7rz4mrZZpBfkiNJbYKsnHxmSZ47QoTMLKTkSjcJd9vK5VLYUrbjszhrfMwO_OUx5iTIAGbyGgL3W93FgbQ2KlzXjZILkjPfTXhI_ruqTw7Et7YWKIfajmuqrDFE9uaXvDdFfjFMMN7s2eE7SjvHWX0KKRdbaOtm9zxGqprveSakEY&sai=AMfl-YStmOLe4hEwfInUXGwttX0SuFirRKTZI3drSjvMyp4faba4WCAsJ2mQVkZZ0bee_bSPXdJHcLxUpL5kPNbfenkpipv1Dbche35OZLCWNel3ZY8m08xlMTIId5iIYg10&sig=Cg0ArKJSzFvsqz30lcc-EAE&urlfix=1&adurl=
Frame ID: 17C11C08DB05EA6652587C1106CC8580
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4M3PV4mVh6fiO_Q9AG65ToZK81BbTQ1mNyRUF_ckZkG9HeGaSbBeCpQSZPgbC4KOD5mQdLjRvmuSV04-eETw23O-teaIOHqqh7fIY1vhygI9g-J3wNGtza2NOZglFlc4dAakJEansQsfuj3-P_M1pfIaSpdPZHVOIvG6-xdKoVJ8fUsI7cufYPLcBhov8pAChtA8daBO7GQXYZ4tUwGVta8HgvEQOj1-8ib2eAwqmb69tmXv12TpAN2mCXGueCvEGJD1wbqi0wGISk6l8kwKQiOEDvr6HYqiGRwc&sai=AMfl-YTKemNTv9WDZuI1CrXA-tQ3Av3GmwdR6-OdDSC-9EKBSksdS0o21WXHUE172MdutMKcmfxMqJ7LfKv55J4qminKx_j4r4sFqEAwF3YDv4fYAAhj2guh8vqQhC1s58A&sig=Cg0ArKJSzBBP0FTwCc36EAE&urlfix=1&adurl=
Frame ID: 51F5BE24C256811484119845C9D0DD49
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTvvm4ffUqgnpIlrNNDMgolCCeC4WYamGyUgaG0jtPCNFJBfuGZkhU-oQ1QDy4Z9-9XTE0euVSXpI3QCZq633UwGZ0-YBXjpxfZvpUn9GMHMdyBXc15DpN7gAatMdFLWucfZJNEscsgS6E1m8kUq_V60Z8Xoo8B_y_LQZXXTyHkUdu5z14nJCLJrQlqwUVF6lOtLXKTFgrgee4j6hesaVWIh1ini5kazEuu_oHFEu-6cJONbMDun7WfQjRJINWbMtYcpiOM8_8RTujSwk00cfNsKWpXMFZstyYFQU&sai=AMfl-YRBUaJEJaFIVcU5zQ-6kJDs6wmsxp7OtOWq_SdEUrOt1DmdthPoH_xr0h7C0PKyByjRCwqbLoY_v6LyNtN6HjO_dxZoCc1EEHxLgZK0BnA581e73IR9Zf9VB7onwqI&sig=Cg0ArKJSzK7ANULCLfQkEAE&urlfix=1&adurl=
Frame ID: 15DC13AE30430B79799146474CA5A8B4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_optr.html
Frame ID: 7888E2867E85B65F3836E43490A0616A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Frame ID: 813CA2F0F9B45297AD4D6EB137D406BF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Frame ID: A5CBF4E7687129E8A47D557473183599
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 89DE0AA312CF2E8B2D1ECBE077C598BF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEA5621F42A55B0373E9B21D9BC77A7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Frame ID: 73CC81924E53156D8FA40ED2CB103BE4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Frame ID: 88AE104AE70DFDCA86C5397BA80C376A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Frame ID: 506C200EC8D201E8F7E308BDF369AF86
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Frame ID: C394191F6EF0261C949F59EA1A3EF985
Requests: 15 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_optr.html
Frame ID: C1BC41645471141D378DC8AC16AB9A3D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_optr.html
Frame ID: 198107302C405BC5BEF456DBEE4E1C09
Requests: 1 HTTP requests in this frame

Frame: https://bk.jampartizan.com/adx/1_zxm_optr.html
Frame ID: BD03337787C18B5DD1A24281DA70B5DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_optr.html
Frame ID: B177386D559BB78437B0FA718A1881CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Frame ID: 360FB22AE0E0562CC9F37699DBFB6048
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Frame ID: FF408B45785F358C791D52A3B2CAB1DE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 135855F1FD20A1BFC041DD1E53AD61F6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 208850ECB9E54E6AA969902D2D5B6196
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Frame ID: 768F191300DDC73EF284D3A61FA53448
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Frame ID: B439249192D300B66BBA96DDDDE80F16
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6DFD5F5F282834C5CAA74BDFA6CF05F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 242ED4B358DF1C934F6EB8A890534BDB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E2C825D1F6A9014A9214839475C98483
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: CD28D592347C9CAF855E7C75E2AFFDF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Frame ID: 3B799BB1906A5F0CE50FD17592233B66
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Frame ID: B4CCF03728A9CE2B3DFE28A26B491BF3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
Frame ID: F66E82878FBD71DEDE7722E68D69CF7C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 31C11A991D670FA96FA15DB4ED1B97E8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7688263C672405B30CFF8344CA28ECC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4B3098F171B8244F5D7A7A379B7C017C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C9B60DDEDB21A2B2BB3ECAFE93931C8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AE448C8B174649E631108FC8A587CD1A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A19C37CCAF01AB7EC7EBAA95AF0EE6D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Frame ID: 80E4500FF0DB01C7DA488CE77EE56E7F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: 5FCFEE74D502B39F2B9BEBF5D9280C6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EFACB4BC390F8893FA006C0B449CBD0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Frame ID: E8D32719E2F305532DC467B603F32F97
Requests: 32 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Frame ID: AC3B23B4E39848259686EC83DCDE0484
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92B8AA1497707A6E27822077D45C9202
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 74A26A2980301299F7D518CC01022EF6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ED3DAC4465CE4F9478B395506E53362B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EF0A474FFBBB9B13FE94DDFF556AFC3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: E7373898DE1A4FE01C41BDC0D878A320
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27F05FDDA282FE26B5FB063354F9BF3C
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
Frame ID: EE40399D4B950A362FC96B812663C7E2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E40530B2BF4F9BA3ECB451E8A4DE1E9F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: A26368BF51D8676E459C72AAA4B6A1C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: EF14A9DE46C2B946E7E22549B0B951C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: 5B47F37A5295DF370B698D369542E2FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AA30BB3E5EE9AEA597E287D4700BAD39
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5AF8C04C49BB2F5B2F853B68C86B1F22
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: C458723816680A468A83AA88D82D8375
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 986E17E59533872C109F38E5396A3655
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DF82F043363D3081A0486337104BD581
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Frame ID: BCE5AE85A5056BCEFF1BF2968CBF9DF6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

499
Requests

96 %
HTTPS

40 %
IPv6

59
Domains

82
Subdomains

55
IPs

9
Countries

4708 kB
Transfer

10869 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://cst.wpu.sh/static/adManager.js HTTP 301
  • https://cst.cstwpush.com/static/adManager.js
Request Chain 32
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233
Request Chain 54
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9277.kTKj0GRhn1btT83g2r5VyiQenx_4jbrXCO9Jo-ZxMYUXIn5Jl0r0RYSnlx9Je3mP.P3X0KbB0XuGDc-c8zD-XS3YLJ8M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9277.TgypPGw0nfX6LQuknEuozup1I-88C-UrGCeZ1FxVf33HgJx8TFqB9rk9ev5A5fLj9eJ2ATH0fYpq5tlo8qq3Ug%2C%2C.P_rGr3LxgMbF3R_EBNNCafNCAzQ%2C
Request Chain 58
  • https://mc.yandex.com/watch/56316286?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A953172915902%3Ahid%3A688765238%3Az%3A120%3Ai%3A202105180101501%3Aet%3A1621325702%3Ac%3A1%3Arn%3A787307588%3Au%3A1621325702468357304%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621325700685%3Ads%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C416%3Adsn%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C416%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621325702%3At%3AMlpa%20%D7%9B%D7%A9%D7%99%D7%98%D7%AA%20%D7%A1%D7%A7%D7%A8%20%D7%A8%D7%90%D7%A9%D7%95%D7%A0%D7%94%20%D7%9C%D7%92%D7%99%D7%9C%D7%95%D7%99%20%D7%9E%D7%99%D7%A7%D7%A8%D7%95-%D7%94%D7%A9%D7%9C%D7%9B%D7%95%D7%AA%20%D7%95%D7%9E%D7%99%D7%A7%D7%A8%D7%95%D7%90%D7%99%D7%93%D7%99%D7%A7%D7%A6%D7%99%D7%95%D7%AA%20%D7%91%D7%97%D7%95%D7%9C%D7%99%D7%9D%20%D7%A2%D7%9D%20%D7%A4%D7%99%D7%92%D7%95%D7%A8%20%D7%A9%D7%9B%D7%9C%D7%99%20%D7%9E%D7%A7%D7%95%D7%A9%D7%A8%20%D7%9C-%20x%20-%20%D7%92%D7%A0%D7%98%D7%99%D7%A7%D7%94%20%D7%91%D7%A8%D7%A4%D7%95%D7%90%D7%94 HTTP 302
  • https://mc.yandex.com/watch/56316286/1?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A953172915902%3Ahid%3A688765238%3Az%3A120%3Ai%3A202105180101501%3Aet%3A1621325702%3Ac%3A1%3Arn%3A787307588%3Au%3A1621325702468357304%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621325700685%3Ads%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C416%3Adsn%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C416%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621325702%3At%3AMlpa%20%D7%9B%D7%A9%D7%99%D7%98%D7%AA%20%D7%A1%D7%A7%D7%A8%20%D7%A8%D7%90%D7%A9%D7%95%D7%A0%D7%94%20%D7%9C%D7%92%D7%99%D7%9C%D7%95%D7%99%20%D7%9E%D7%99%D7%A7%D7%A8%D7%95-%D7%94%D7%A9%D7%9C%D7%9B%D7%95%D7%AA%20%D7%95%D7%9E%D7%99%D7%A7%D7%A8%D7%95%D7%90%D7%99%D7%93%D7%99%D7%A7%D7%A6%D7%99%D7%95%D7%AA%20%D7%91%D7%97%D7%95%D7%9C%D7%99%D7%9D%20%D7%A2%D7%9D%20%D7%A4%D7%99%D7%92%D7%95%D7%A8%20%D7%A9%D7%9B%D7%9C%D7%99%20%D7%9E%D7%A7%D7%95%D7%A9%D7%A8%20%D7%9C-%20x%20-%20%D7%92%D7%A0%D7%98%D7%99%D7%A7%D7%94%20%D7%91%D7%A8%D7%A4%D7%95%D7%90%D7%94
Request Chain 68
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.4269685938456902 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.4269685938456902
Request Chain 70
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.9975474862866753 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9975474862866753
Request Chain 72
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.10218862657020167 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.10218862657020167
Request Chain 74
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.730396599194989 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.730396599194989
Request Chain 76
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.6480092812629705 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.6480092812629705
Request Chain 78
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.9214696810340461 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9214696810340461
Request Chain 80
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.07016313305244548 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07016313305244548
Request Chain 82
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.07653924549427615 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07653924549427615
Request Chain 84
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.7848339430200646 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7848339430200646
Request Chain 86
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.7475009125812513 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7475009125812513
Request Chain 88
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.8596856264689017 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.8596856264689017
Request Chain 90
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.0812450894697585 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.0812450894697585
Request Chain 158
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.11543325313997599 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_optr.html
Request Chain 170
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.763413430633074 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_optr.html
Request Chain 175
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR&adk=1016022896&adf=272530240&pi=t.ma~as.ZXOPTR&w=728&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621325702716&bpp=3&bdt=256&idt=56&shv=r20210511&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D2bbdf1768b36eadc-2276e6e815c800b4%3AT%3D1621325702%3AS%3DALNI_MaM2g24zIpesWXS9XgPCrdo_T2ciw&correlator=74683805351&frm=23&ife=4&pv=2&ga_vid=1172494409.1621325703&ga_sid=1621325703&ga_hid=1495197143&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=3004&biw=1600&bih=1200&isw=728&ish=90&ifk=878247844&scr_x=0&scr_y=0&eid=31060839&oid=3&pvsid=586743059668196&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p1lb1gt4cuaf&btvi=1&fsb=1&dtd=67 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_optr.html
Request Chain 180
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM%2FZXM_OPTR&adk=1893897791&adf=816031634&pi=t.ma~as.ZXM%2FZXM_OPTR&w=728&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621325702600&bpp=6&bdt=188&idt=202&shv=r20210511&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D2bbdf1768b36eadc-2276e6e815c800b4%3AT%3D1621325702%3AS%3DALNI_MaM2g24zIpesWXS9XgPCrdo_T2ciw&correlator=74683805351&frm=23&ife=4&pv=1&ga_vid=687152999.1621325703&ga_sid=1621325703&ga_hid=1610742068&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=241&ady=7718&biw=1600&bih=1200&isw=728&ish=90&ifk=755764018&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=112025938682166&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qviyu0h9refd&btvi=1&fsb=1&dtd=206 HTTP 302
  • https://bk.jampartizan.com/adx/1_zxm_optr.html
Request Chain 182
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.03760955318822923 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_optr.html
Request Chain 212
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-160752-134609-8&mkcid=4&mkevt=2&mpt=1519754208&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=542897 HTTP 301
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Request Chain 214
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gjKuSlZGvJdSQ4I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gjKuSlZGvJdSQ4I
Request Chain 216
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3UYuayCKA1U94mMe3B HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3UYuayCKA1U94mMe3B&google_hm=3_hxlKXrTuaKwnG0Mde47nI
Request Chain 218
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMQzWcsIdajOG-ByH20u6R0&google_cver=1&google_push=AQvitUKe-bRjz-ZhC3VPvuGb9usW-6MXR9am5jr5jh9BSgtY8xT3IjEocjS6k6pJMRGQM9ZiSSITuWF5ADN75HzdHMgvqQgtbn1O HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMQzWcsIdajOG-ByH20u6R0&google_cver=1&google_push=AQvitUKe-bRjz-ZhC3VPvuGb9usW-6MXR9am5jr5jh9BSgtY8xT3IjEocjS6k6pJMRGQM9ZiSSITuWF5ADN75HzdHMgvqQgtbn1O&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yLl6dz0-ScmAtxwEvglKYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKe-bRjz-ZhC3VPvuGb9usW-6MXR9am5jr5jh9BSgtY8xT3IjEocjS6k6pJMRGQM9ZiSSITuWF5ADN75HzdHMgvqQgtbn1O
Request Chain 219
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECo-W7Qilr08xpUOYlcaByw&google_cver=1&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9xQts0tDu3Crc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9xQts0tDu3Crc
Request Chain 226
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 318
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 319
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_fb5-O-3vt6s4z6DGyFkCVLIqpX HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_fb5-O-3vt6s4z6DGyFkCVLIqpX&s_h=1
Request Chain 321
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHJVa0XOZZX3qihCuv9vaGI&google_cver=1&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHJVa0XOZZX3qihCuv9vaGI&google_cver=1&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q==&google_tc=
Request Chain 322
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4dTVfAMGGyrdVGxy8FWeX_5c4tRNw9eJOtbzKd0Fs9CfzGvw HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4dTVfAMGGyrdVGxy8FWeX_5c4tRNw9eJOtbzKd0Fs9CfzGvw&verify=true
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGVi5L71bLCrigOwNDS3XnM&google_cver=1
Request Chain 328
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKN3h3oOpMZ7r2E2b-XhYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-RRvdKHFICWrIZ6qe_Hko&google_cver=1
Request Chain 330
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 336
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 362
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitULc3WaW0DIUD_cJPMOI6MyiBgcCB3iuKzdXDQ2sxd0SsdbBzrcvd4KEdy61e9ioMK6OlKI02Ink1YJreLhfIPNgu-hDuw-aPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYyMDYzMjA1NTIyMzM1NzE2Ng== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYyMDYzMjA1NTIyMzM1NzE2Ng==&google_tc= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Request Chain 365
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgdSsPCH7UGwONYws9PE9iwvgfIeyA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgdSsPCH7UGwONYws9PE9iwvgfIeyA
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyCSJhcAva7ndOfplUwkc2Gs2Kfu97g HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyCSJhcAva7ndOfplUwkc2Gs2Kfu97g&verify=true
Request Chain 371
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-160752-134609-8&mkcid=4&mkevt=2&mpt=226040764&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=542897 HTTP 301
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMwqEolHza_BhWHtbKVVauQ&google_cver=1&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN26f-pz_iMoY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN26f-pz_iMoY
Request Chain 381
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6Mx1_LOKyTBdkp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6Mx1_LOKyTBdkp
Request Chain 383
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjgYgVOIF8mH00DiUMv4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjgYgVOIF8mH00DiUMv4&google_hm=8qC5p0O0RGePGPwETkLSLXI
Request Chain 384
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDnGx8aoSUeGire8-5oFZC0&google_cver=1&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDwsO_DBN8wpVC2uA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzU0MDg3NDg0ODE3MjE3Nw%3D%3D&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDwsO_DBN8wpVC2uA
Request Chain 385
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG7tCY6mWE_TpnTmjsoioac&google_cver=1&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e3P_Hl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e3P_Hl&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
Request Chain 386
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk
Request Chain 389
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 394
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 396
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU&google_hm=YpUMSOiwSROxElifPwrYBw==
Request Chain 398
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQsW2Kvx4SQb0BanUsiXvU HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQsW2Kvx4SQb0BanUsiXvU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzMzM2MTE1ODMxNDYzMzcwNQ&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQsW2Kvx4SQb0BanUsiXvU
Request Chain 400
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWjLYep9cAlpYaE3DvDrAg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWjLYep9cAlpYaE3DvDrAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWjLYep9cAlpYaE3DvDrAg
Request Chain 408
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 432
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUJX8vSj2--UCGDPMmObO6437KC3sBb2yVJawh7h_cjoGYwTTUt3CSnfn1Wj-YD8-weI8Ehph7ry3bB8fJ29KCjxkud4sQY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Request Chain 434
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7QzNY2vqngXbIHRF6xP5_mzsCetrr_-5Y0MsJrKwWy3O4S4CF0kXor HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7QzNY2vqngXbIHRF6xP5_mzsCetrr_-5Y0MsJrKwWy3O4S4CF0kXor HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7QzNY2vqngXbIHRF6xP5_mzsCetrr_-5Y0MsJrKwWy3O4S4CF0kXor
Request Chain 435
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMwqEolHza_BhWHtbKVVauQ&google_cver=1&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaKrZmqhEU3HDHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k4xgo3eIRgCXNICBO3y6DQ&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaKrZmqhEU3HDHg
Request Chain 436
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKQqjReZ77KqmmUCBNPNcg&google_cver=1&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSYUvbi1z1prg0N HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSYUvbi1z1prg0N
Request Chain 437
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kneoSacFTtc_iEwo8bKTL HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kneoSacFTtc_iEwo8bKTL&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=G3dM55rnNh63wbPz3_Mqpg&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kneoSacFTtc_iEwo8bKTL
Request Chain 438
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5vBHUClsx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5vBHUClsx&google_hm=YpUMSOiwSROxElifPwrYBw==
Request Chain 444
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUJVmZv0gDT65MX-uCjD4_0nq8Go1Zn4_-t9b9i-F-elFCwU13n1Ic_DKtxisOTJvNEvJU-4JkEFeHz9Vj65ddLL1Z5ZCOUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Request Chain 445
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hAUejPzH2fx9wh9OuOXC2Chuj2TPSxqiTLCJ8gZF6nrzFVyloajfar8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hAUejPzH2fx9wh9OuOXC2Chuj2TPSxqiTLCJ8gZF6nrzFVyloajfar8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hAUejPzH2fx9wh9OuOXC2Chuj2TPSxqiTLCJ8gZF6nrzFVyloajfar8
Request Chain 447
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3eRAoVzu1FExQTUW5gh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3eRAoVzu1FExQTUW5gh&google_hm=8qC5p0O0RGePGPwETkLSLXI
Request Chain 449
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4CxvDHXhBkzsvziWVJ92z6oSJSbKOIbIMFGwSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4CxvDHXhBkzsvziWVJ92z6oSJSbKOIbIMFGwSg
Request Chain 450
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECkp9KosPiYSiRJoU-yJ6nk&google_cver=1&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrtqDMDkYf2uFdFziaPuriK3P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrtqDMDkYf2uFdFziaPuriK3P&google_hm=MjQ4OTM0NjU5Njg5MjM4NDQz
Request Chain 481
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGT2HT1LNwH_FR8n6_RW8k4&google_cver=1&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4kT2OtiTWq5Rl0C6s5EAJK8BomQs4PC_L-jSz4CCBv7F9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4kT2OtiTWq5Rl0C6s5EAJK8BomQs4PC_L-jSz4CCBv7F9w&google_hm=YSHqoK65bCOVKCOvVG_qEw
Request Chain 483
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7bwCuI-kftbExi- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=877EA6562FD44B23A41CFCE389E14FD9&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7bwCuI-kftbExi-
Request Chain 485
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRTOFwlUYR-q-1kuNInQi8Gw HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRTOFwlUYR-q-1kuNInQi8Gw&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qey46monIz8_Padsnir0zg&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRTOFwlUYR-q-1kuNInQi8Gw
Request Chain 486
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG7tCY6mWE_TpnTmjsoioac&google_cver=1&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS76Krf5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS76Krf5&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
Request Chain 487
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0KL58GNaBL4y2o1_HINcUdiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0KL58GNaBL4y2o1_HINcUdiQ
Request Chain 492
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitULOtI1X5RmrVjIUhSRO_ugKmhGOh_4aBqHiQgIz6HJMajAIGSQep2Z3o84Xj7eynot9_8E9R4Y1dZKCUkuBm1V9x5DggRBJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitULOtI1X5RmrVjIUhSRO_ugKmhGOh_4aBqHiQgIz6HJMajAIGSQep2Z3o84Xj7eynot9_8E9R4Y1dZKCUkuBm1V9x5DggRBJ
Request Chain 493
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiGfnUuymGxFHqZPQ6X4oI HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiGfnUuymGxFHqZPQ6X4oI&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=3s_4cCZjnbyGPD163YroYg&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiGfnUuymGxFHqZPQ6X4oI
Request Chain 495
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ&google_cver=1&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ
Request Chain 496
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg&apid=UP268d9782-b7b1-11eb-add7-06a874123cfa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNjhkOTc4Mi1iN2IxLTExZWItYWRkNy0wNmE4NzQxMjNjZmE%3D&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg
Request Chain 497
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afmolmoVa9HE5gtApY79AcpeHfMLcDqhYGha5F3zPjoymD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yRUI1SHRORTJ1RnJhWTEzNkh2S0RsUnJLbEswd0J2Tn5B&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afmolmoVa9HE5gtApY79AcpeHfMLcDqhYGha5F3zPjoymD
Request Chain 504
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 509
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUItpHeW-nz-szpu6Ahvtvanf5frj5VHK6qu2aGs84b75VyF1VJKP5VTyvmlihQegIoX15wY7FsXOU3AYbmExvRhxE9Dzg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Request Chain 512
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKQqjReZ77KqmmUCBNPNcg&google_cver=1&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbprQBDe4aG-mdI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbprQBDe4aG-mdI
Request Chain 513
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECo-W7Qilr08xpUOYlcaByw&google_cver=1&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-AATBrX4F1Fs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-AATBrX4F1Fs
Request Chain 514
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-DyX6Pi6uz0a6VLE0-DJ7FOkZb-MRZ28 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-DyX6Pi6uz0a6VLE0-DJ7FOkZb-MRZ28

499 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mlpa-first-screening-method-43225044
heb.kyhistotechs.com/ 		59 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2087ec4b5d946c42725372e1e1b9423f315ba3751aa02a6babdeca6dada78d8

Request headers

:method
GET
:authority
heb.kyhistotechs.com
:scheme
https
:path
/mlpa-first-screening-method-43225044
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
expires
Wed, 19 May 2021 08:15:00 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
0a2023f6c80000e6145d109000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TN6sfcW%2BxxhiTdnKgb2uje1w5%2F%2BzDL5HaR4IrXa%2FKuZASZ%2BLnjBSoObfdxfthKbQ%2FODBaUuj8ZlMBtMI3VCTMAHhF8fqRo43mecoD9HoycICipIZrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6513a29e0927e614-LHR
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
optr_19071801.js
cdn.zx-adnet.com/adx/ 		146 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/optr_19071801.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afea91831fc0b1a4d198a45ea27d2a8aaa98c15daa86b9673a318794932705f1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325701.995980,VS0,VE1
etag
"a315693320c62f77afa7d7d5a7649898697a782b6e166559cc8e82af6d440aef-br"
x-served-by
cache-cdg20723-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Tue, 18 May 2021 08:15:00 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19853
x-cache-hits
1
mlpa-first-screening-method.jpg
i.kyhistotechs.com/img/genetics-in-medicine/86/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/genetics-in-medicine/86/mlpa-first-screening-method.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d603ae90f176e2ce9379ff90bce1fd6109faa73157b0964c885ad95ef9a09892

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8314
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33991
cf-request-id
0a2023f76b0000e614d421d000000001
last-modified
Thu, 05 Dec 2019 14:06:35 GMT
server
cloudflare
etag
"84c7-598f56fe8f456"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9wS5WxDYnsyqIHLjPqWJsJpLHcAEB7fWmxA4%2FA7PEDqJdja00ujFBmAxIMd9cOHR2m0truVwjgHpwiGmLcvhxPFEBux1A014oCoauwqa7SyVsDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a29f0a80e614-LHR
expires
Wed, 18 May 2022 05:56:26 GMT
mlpa-first-screening-method_1.jpg
i.kyhistotechs.com/img/genetics-in-medicine/86/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/genetics-in-medicine/86/mlpa-first-screening-method_1.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
629a967236cf340cab6a08aa47f6442776b199ba7cc480b8f701bdd1418afc26

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8314
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55465
cf-request-id
0a2023f76b0000e61481919000000001
last-modified
Thu, 05 Dec 2019 14:06:35 GMT
server
cloudflare
etag
"d8a9-598f56fed0b36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yLGl8tX2FelF1%2Fb6EpelTVMrFEW6ZqI33FwKniQrby8yeSg1P8WNAMmHsk%2FP9rmol8tnicAsWbaVmEuLq38u6MwHTb0sWnZ%2FdBEBwEba%2F8hx4bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a29f0a81e614-LHR
expires
Wed, 18 May 2022 05:56:26 GMT
mlpa-first-screening-method_2.jpg
i.kyhistotechs.com/img/genetics-in-medicine/86/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/genetics-in-medicine/86/mlpa-first-screening-method_2.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052acd6af31f6777b169b29949258dc0d5e1de797239b9747c9a4c2a67201b24

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8314
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27519
cf-request-id
0a2023f76b0000e61450b8b000000001
last-modified
Thu, 05 Dec 2019 14:06:35 GMT
server
cloudflare
etag
"6b7f-598f56fed0b36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8ATmVrTv7XtiUMxO0ik%2FST0iU8KKWHbqvhO7hci%2FunhlImS8qIgpL9zB5x9PkaKiHZgHrkzp371UgJzOfoDudUJg5QYfh1dsAu0q%2FZMsEBk4hi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a29f0a7fe614-LHR
expires
Wed, 18 May 2022 05:56:26 GMT
mlpa-first-screening-method_3.jpg
i.kyhistotechs.com/img/genetics-in-medicine/86/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/genetics-in-medicine/86/mlpa-first-screening-method_3.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab669953a886b842980a1da01edee0d309890c89ea56a55a929de7df37c1c87

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8314
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23093
cf-request-id
0a2023f76b0000e6145426a000000001
last-modified
Thu, 05 Dec 2019 14:06:35 GMT
server
cloudflare
etag
"5a35-598f56fedd656"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xhjjTid%2B8z1jiceMau9LoRjniFanwokHeT8Ju0xWHpcQT5IwCdHDeykps3f9X24xKo34h2LK5FRiFgcQtdTzwe47TXNH8HrvQ1IP46GopUMvrgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a29f0a82e614-LHR
expires
Wed, 18 May 2022 05:56:26 GMT
css
fonts.googleapis.com/ 		4 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7b13e2fe36a875b5906c49bc5330711916ea2f4173c4ffa8d2a01059815f020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 08:15:00 GMT
server
ESF
date
Tue, 18 May 2021 08:15:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:00 GMT
bootstrap.min.css
kyhistotechs.com/template/css/ 		121 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kyhistotechs.com/template/css/bootstrap.min.css
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2cd69e925b0573ddbd75261986dc5900abdb6093c5dd745d2cb05099aac436

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
972385
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2023f76a0000e6147908f000000001
last-modified
Sat, 27 Feb 2021 05:17:16 GMT
server
cloudflare
etag
W/"1e3d5-5bc4a7f80eb52-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FG9p4v%2BqgJWsX3QD%2BjevsuLmerZrSCZKdCoeMpWwMG5J7bohbY0pa7KJW0VFWT6f2%2Buw788zh9wX2zM0OQfZprw4sYsSLDPT0%2BmozHywb59J"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
6513a29f0a7de614-LHR
expires
Fri, 21 May 2021 02:08:35 GMT
style.css
kyhistotechs.com/template/css/ 		44 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kyhistotechs.com/template/css/style.css
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cb091349aaf7ec3613dc2c8ef682ddf9ccdb5ff5f119770ca05a356d109603

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
972385
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2023f76a0000e614ca142000000001
last-modified
Sat, 27 Feb 2021 05:17:16 GMT
server
cloudflare
etag
W/"ae3d-5bc4a7f885d92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RAMAQ3sg%2FHsyPVD%2FoPOZhQ27%2Bw2mBPiJVOG6L%2BuyzFbL9pvkKAHv4hDh5IiRtSAfMDio6vFNOXXiGsqsPQV23ZKLnifHx0yqtChWnJARNosV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
6513a29f0a7be614-LHR
expires
Fri, 21 May 2021 02:08:35 GMT
jquery.min.js
kyhistotechs.com/template/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kyhistotechs.com/template/js/jquery.min.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
972385
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2023f7690000e614c6282000000001
last-modified
Thu, 18 Jul 2019 01:51:55 GMT
server
cloudflare
etag
W/"14e4e-58deadab964c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yv84om7rJBk42nsx9ozLan0a5J7ZsAeZWwIRUogCPgexotiQB75tojRnC2s8U37H9YR%2B2VcQeKTOW7A6bzqy7idzlSiSqHB4rMuCpmYa7lsF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
6513a29f0a79e614-LHR
expires
Fri, 21 May 2021 02:08:35 GMT
bootstrap.min.js
kyhistotechs.com/template/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kyhistotechs.com/template/js/bootstrap.min.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
972385
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2023f76a0000e614c302a000000001
last-modified
Thu, 18 Jul 2019 01:51:55 GMT
server
cloudflare
etag
W/"90b5-58deadab964c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=omic7ANtpDRw70P%2B67iC3tJzJzmtuq3p0KYe%2FkjzWA5jxanPkfXJJnuBF1MINQLHbzgTrgTa3%2F4%2FO%2FyBWy7aAq3a3O79oLsTOPwavqPRP7dp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
6513a29f0a7ce614-LHR
expires
Fri, 21 May 2021 02:08:35 GMT
main.js
kyhistotechs.com/template/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kyhistotechs.com/template/js/main.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f504ccb6c20e2bd16e5d8f01f673b3d454bbfc8f9767c029967c293f4ee723a8

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
972385
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2023f76b0000e614d5397000000001
last-modified
Thu, 18 Jul 2019 01:51:55 GMT
server
cloudflare
etag
W/"aa5-58deadab964c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gsvCItNcigbaNoN78cXlqQCjlWwqoEgjbz3BLTZv3ANqCBY29Esa8NtpkzW7pYVAt5G%2F4ErR5FmEeOyRpJPUlklICPERe9SQ7xJTvXDhTm%2FC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
6513a29f0a7ee614-LHR
expires
Fri, 21 May 2021 02:08:35 GMT
gm2wkzjzga5ha3ddf42a
lib1.biz/code/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib1.biz/code/gm2wkzjzga5ha3ddf42a
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.198.248.128 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
65d0e5055eae8835ec4305039482c8c2655e27b25ba8aaacfc7e23e4e171722c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 18 May 2021 08:15:01 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
adManager.js
cst.cstwpush.com/static/
Redirect Chain
  • https://cst.wpu.sh/static/adManager.js
  • https://cst.cstwpush.com/static/adManager.js
59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.cstwpush.com/static/adManager.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d68a718d6ed924d01a6eb2d4ac4b312f67946332eb1cfc62c1bb3dd7635fa6cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 08:15:01 GMT
Connection
Keep-Alive
Last-Modified
Wed, 12 May 2021 11:23:24 GMT
x-amz-meta-s3cmd-attrs
atime:1620818588/ctime:1620818588/gid:0/gname:root/md5:459921870454e0ca43e08f37ad97abb6/mode:33188/mtime:1620818559/uid:0/uname:root
x-amz-request-id
tx0000000000000147ade1b-0060a37269-fb33aff-fra1a
etag
"459921870454e0ca43e08f37ad97abb6"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1621325701.dop040.pa1.t,1621325701.cds215.pa1.shn,1621325701.dop040.pa1.t,1621325701.cds046.pa1.c
Content-Type
text/plain
Cache-Control
max-age=2292
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
60202

Redirect headers

location
https://cst.cstwpush.com/static/adManager.js
date
Tue, 18 May 2021 08:15:01 GMT
server
nginx/1.18.0
content-length
169
content-type
text/html
logo.png
kyhistotechs.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kyhistotechs.com/logo.png
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af06bb0e1811f993c30fdc79a65ba026cf7978954f245a9876948c0d4931c854

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171397
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8610
cf-request-id
0a2023f77a0000e614a30e3000000001
last-modified
Fri, 15 Nov 2019 12:33:28 GMT
server
cloudflare
etag
"21a2-59761ce0af600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=glcddHPoGFKdBfW3SCy9ofmMRHHR%2Fw994ZGNnMAU5Qz%2FhFY%2FqAcUCtOdgEFf5yOxR9qZuxkkzYtaCgmTCrW%2FKCna0uVeGIvHohsxcPRKvl9y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a29f2ab2e614-LHR
expires
Sat, 23 Apr 2022 05:05:03 GMT
abs.js
cdn.zx-adnet.com/adx/ 		200 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.7174942274309799
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325701.037915,VS0,VE287
etag
"437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by
cache-cdg20723-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Tue, 18 May 2021 08:15:01 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
118
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.8048329584941987
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109045,VS0,VE235
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
7864a92f4d88f52cc2f94e822947c06b
cache-control
private
function-execution-id
05ipy0xhkh8e
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.7542403484045508
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109127,VS0,VE264
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
f2ffa2ad601696c38b329fe75751cf15
cache-control
private
function-execution-id
c800g883ngl6
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.7697560276170232
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109125,VS0,VE265
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
f27debb2e684e9fb353cbc8bb58c931f
cache-control
private
function-execution-id
b226ihsxa198
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.5085520817015072
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxwe1-bUasBdcjxWHarlSUlOVmUtMtcOCXnrn4BnhOsYWgRhXbGc4e8RmaaFCvd4RjGeG5pxClUXFkNvd_Oyw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2787
last-modified
Tue, 18 May 2021 08:13:34 GMT
server
UploadServer
etag
"50edabfd08daed28c2048cbbe9d97d54"
vary
Accept-Encoding
x-goog-hash
crc32c=a3empg==, md5=UO2r/Qja7SjCBIy76dl9VA==
x-goog-generation
1621325614749354
cache-control
public, max-age=31536000
x-goog-stored-content-length
2787
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 May 2022 08:15:01 GMT
tic
site2text-2021.web.app/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.9688448407237589
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109391,VS0,VE289
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
f0f15b75d91538ccd1421355da958f2f
cache-control
private
function-execution-id
aknzuqmq5hx7
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.4290677314170386
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uza9wbG6qrA6fTwhzCGvKsYIKFhz0DTPsKfm0uCyiyCbX_AKbVXI9MddRLi7WTd9ieUqGYPIzkUbrdmcknWrA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2787
last-modified
Tue, 18 May 2021 08:13:34 GMT
server
UploadServer
etag
"50edabfd08daed28c2048cbbe9d97d54"
vary
Accept-Encoding
x-goog-hash
crc32c=a3empg==, md5=UO2r/Qja7SjCBIy76dl9VA==
x-goog-generation
1621325614749354
cache-control
public, max-age=31536000
x-goog-stored-content-length
2787
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 May 2022 08:15:01 GMT
tic
site2text-2021.web.app/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.10798262629858169
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109118,VS0,VE257
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
78eefabc71bf5c85de7a1f9b39ef9527
cache-control
private
function-execution-id
4wjirle3q6hk
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.20508277808218867
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxDsO1TxFCr3Ygt9ry-c6_3-7EcTOeGPRB8FKPPmDGVBaqEoPfqYAPkhQk52icwZbBguNf2NXVaGDnik8pPYQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2787
last-modified
Tue, 18 May 2021 08:13:34 GMT
server
UploadServer
etag
"50edabfd08daed28c2048cbbe9d97d54"
vary
Accept-Encoding
x-goog-hash
crc32c=a3empg==, md5=UO2r/Qja7SjCBIy76dl9VA==
x-goog-generation
1621325614749354
cache-control
public, max-age=31536000
x-goog-stored-content-length
2787
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 May 2022 08:15:01 GMT
tic
site2text-2021.web.app/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.34836092757343873
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.117305,VS0,VE285
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
449ddd14ece1ab1ffef2cd4437cd2b0e
cache-control
private
function-execution-id
xx84amoqqvo8
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.04362122455159079
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.109044,VS0,VE261
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
50cdab0a5200fa52d0018f87416c0c47
cache-control
private
function-execution-id
7unp2c913eez
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.900126379585894
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwdlIK3pax9dKMz9DyKjsc561mo5M3ywchDe24i8VqJh5qqoCGsRnEww731pUBjriilusIz0rFN1nSP0HyrKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2787
last-modified
Tue, 18 May 2021 08:13:34 GMT
server
UploadServer
etag
"50edabfd08daed28c2048cbbe9d97d54"
vary
Accept-Encoding
x-goog-hash
crc32c=a3empg==, md5=UO2r/Qja7SjCBIy76dl9VA==
x-goog-generation
1621325614749354
cache-control
public, max-age=31536000
x-goog-stored-content-length
2787
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 May 2022 08:15:01 GMT
tic
site2text-2021.web.app/ 		0
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.5328808014568864
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.117439,VS0,VE277
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
eb86516ad837d618f76a7a6271d6ec13
cache-control
private
function-execution-id
sij7u5wn8v6j
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.6069821465111198
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.127394,VS0,VE331
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
4bf326c7b3ed26c4f2f36c1c8d002695
cache-control
private
function-execution-id
4q5gs1q4ofkk
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.7602139386293678
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.127374,VS0,VE241
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
2cd6cd4ddece0b07a913dfd9a5f91618
cache-control
private
function-execution-id
ewcs0uu7y954
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
tic
site2text-2021.web.app/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.8410534657514355
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.127368,VS0,VE240
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
93e4c8739ee70611082308650f7f3114
cache-control
private
function-execution-id
4r92pje7gjyc
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
mr.js
storage.googleapis.com/s2t-images/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.5148493055613594
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxYpzUVDLa9D8Lro7w6lxUGrGnYtBgWmA5TQhrNeJ15CVr4mVRUXKnVTZnD_IlFaIMJjGpQ3f3XrwG4KUN4NA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2787
last-modified
Tue, 18 May 2021 08:13:34 GMT
server
UploadServer
etag
"50edabfd08daed28c2048cbbe9d97d54"
vary
Accept-Encoding
x-goog-hash
crc32c=a3empg==, md5=UO2r/Qja7SjCBIy76dl9VA==
x-goog-generation
1621325614749354
cache-control
public, max-age=31536000
x-goog-stored-content-length
2787
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 18 May 2022 08:15:01 GMT
tic
site2text-2021.web.app/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site2text-2021.web.app/tic?startqa=1&r=0.8193284100285045
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
x-powered-by
Express
x-cache
MISS
content-length
0
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.127353,VS0,VE436
x-robots-tag
noindex
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html
x-cloud-trace-context
f2583e06d55926f3abe6bb47a5552245
cache-control
private
function-execution-id
3n1x1ndx4av2
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:01 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 17 May 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:01 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//heb.kyhistotechs.com/mlpa-first-screening-method-43225044;0.000726288109258233
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sun, 17 May 2020 21:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		215 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
br
last-modified
Fri, 14 May 2021 18:55:24 GMT
etag
"609e8948-11068"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69736
expires
Tue, 18 May 2021 09:15:01 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v6/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v6/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heb.kyhistotechs.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 01:08:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
age
25618
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17008
x-xss-protection
0
expires
Wed, 18 May 2022 01:08:03 GMT
XRXW3I6Li01BKofAnsSUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAnsSUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
041f60a715023fb438203d995ce5cb286f2daf7ab2f52f356ae85671250ddd28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heb.kyhistotechs.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 23:17:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:26 GMT
server
sffe
age
32222
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18764
x-xss-protection
0
expires
Tue, 17 May 2022 23:17:59 GMT
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:700%7CNunito:300,600&display=swap&subset=cyrillic
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heb.kyhistotechs.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
age
405570
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:31 GMT
metal-organic-framework-templated-synthesis-ultrasmall-catalyst-loaded-znoznco2o4-hollow-spheres.jpg
i.kyhistotechs.com/img/scientific-reports/44/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/scientific-reports/44/metal-organic-framework-templated-synthesis-ultrasmall-catalyst-loaded-znoznco2o4-hollow-spheres.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca20ec2dc84b8bc818358b39fa128e739b5078e80a21d0fcd82852a57aabfc8

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82962
cf-request-id
0a2023f84e0000cdbf47994000000001
last-modified
Thu, 05 Dec 2019 14:32:58 GMT
server
cloudflare
etag
"14412-598f5ce46cad1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OcfWmzUfm4gK%2BdQ37wSjsvA2QFVLv1eat4LwzJLkx%2FK1vwijbps6ZG9EgrSdKnzIk7%2BgJbGKa%2FD0WTODw2W529tFyneMTYe2ia6BGM%2Bj0R0siXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e24cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
materials-engineering-rebuilding-world.jpg
i.kyhistotechs.com/img/outlook/71/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/outlook/71/materials-engineering-rebuilding-world.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6416bd733614c6a7e0d7daf177d9e4ba1e3849d368a55562c0881f9ff0d241d2

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15376
cf-request-id
0a2023f84e0000cdbf96082000000001
last-modified
Thu, 05 Dec 2019 14:17:07 GMT
server
cloudflare
etag
"3c10-598f5959396be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZGByAIXig0OlcSftWgqCOajwV0Zm1ZlFjbdh2Ol%2FQPqK%2FCrzaI8U%2FDafQ8LYp9pHLWApgVIW3KLZ%2B9S%2BCqAl6pEtZAW99k7bTDgNbwoTRA64MGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e26cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
multiple-unpinned-dirac-points-group-va-single-layers-with-phosphorene-structure.jpg
i.kyhistotechs.com/img/computational-materials/21/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/computational-materials/21/multiple-unpinned-dirac-points-group-va-single-layers-with-phosphorene-structure.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53978fc8501d6156b7d2af156ba213ad0e57fd2cdb86e28e9cfa20c7e77a4b0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33942
cf-request-id
0a2023f8500000cdbf7dad0000000001
last-modified
Thu, 05 Dec 2019 14:03:12 GMT
server
cloudflare
etag
"8496-598f563ca2c73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wDeM3UMprhrICvFF3rj13OY%2F7JVGO50rUH9POxg8%2BywWCCeV6AgkPTd3eCG7zOBPIqCuhvj0M0HWbHVAUWYvrBJ%2FUDAZgPSlODt3UzLIn8dORSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e33cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
plenty-room-revisited.jpg
i.kyhistotechs.com/img/nanotechnology/19/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/nanotechnology/19/plenty-room-revisited.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604fb8a7f630dfc2b87a4de32832606ff5e24aef8ba8eb8501ef1d6c932e9707

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19907
cf-request-id
0a2023f84e0000cdbf5f2d9000000001
last-modified
Thu, 05 Dec 2019 14:13:14 GMT
server
cloudflare
etag
"4dc3-598f587aaad5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c5fP1qXhLDJKSu5IekruRCRjLD0xe2twlYmd4hGlb43GdRvh2e6h%2Fy1CZPr%2FB8D8e6o34L%2B0hvx6tUfkZagjtjONujDJHzf5w7hBBkPaiLmHOvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e29cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
mapping-distribution-specific-antibody-interaction-forces-individual-red-blood-cells.jpg
i.kyhistotechs.com/img/scientific-reports/35/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/scientific-reports/35/mapping-distribution-specific-antibody-interaction-forces-individual-red-blood-cells.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558795619af915dc7470934d5fca01759bfa95ed7bed2d815cf75f7ca29b9913

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24820
cf-request-id
0a2023f8500000cdbf681f0000000001
last-modified
Thu, 05 Dec 2019 14:30:30 GMT
server
cloudflare
etag
"60f4-598f5c574f985"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2BYhI9lHJV%2BRIp1IMizpYU0BLRsFAxIH1xK%2BuVI1cwXOnP6WYigbu6sIYxOQ%2F7O%2Fhq88l8VuCg1ujrpen0CcxzIF0ApfMxkacWUXgPBXj8eyUgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e35cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
organic-single-crystal-light-emitting-transistor-coupling-with-optical-feedback-resonators.jpg
i.kyhistotechs.com/img/scientific-reports/76/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/scientific-reports/76/organic-single-crystal-light-emitting-transistor-coupling-with-optical-feedback-resonators.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6af989fa3d7c58ba4661e8a709d955d586f0af1af6f7079b5396f4743a1f7e6

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57170
cf-request-id
0a2023f84f0000cdbf263e6000000001
last-modified
Thu, 05 Dec 2019 14:41:56 GMT
server
cloudflare
etag
"df52-598f5ee5bd0b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=twI8g4vojnY0NkVNSSXJDbM7eMWur2NpTvdEZ9gr4hn2TRULMJw9d5DLwSUQeaEeFqsB7YR%2FqxA5kxCaQQFOUbEGGLFOg6aIjErRfaxUwbEisy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e2acdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
toughness-strength-nanocrystalline-graphene.jpg
i.kyhistotechs.com/img/communications/51/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/communications/51/toughness-strength-nanocrystalline-graphene.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8425ec91b95544dadd5b1e7b12e664dba83bcf76e6515673c21dc0d5d67290ae

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74003
cf-request-id
0a2023f84f0000cdbf2389e000000001
last-modified
Thu, 05 Dec 2019 13:58:30 GMT
server
cloudflare
etag
"12113-598f552fe7ee5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RaJfOo1%2F%2BajIiU8btsVTF3RsGBd5FbMLU%2FZRBuz3sEG63t%2F5qHiYcwuX7DlaeAiBdWS7mgp5gWRDjznuPiMIAtjXI32jGOb%2BAYn64mRREvhu1So%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e2dcdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
brotherly-love-benefits-females.jpg
i.kyhistotechs.com/img/news-views/64/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/news-views/64/brotherly-love-benefits-females.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41af6c5e62646dea6e8b864eeaf3710f560977e0a0060c2945e4842b742760ce

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32366
cf-request-id
0a2023f84f0000cdbf8a154000000001
last-modified
Thu, 05 Dec 2019 14:14:29 GMT
server
cloudflare
etag
"7e6e-598f58c2f5a9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z98qNfZXgFfQ7mKoz8dPOcb2AZnqlqvC2KpG8re4qoAtUDO3XuqOUKc3jkwJ4%2FwfUFWr%2B%2BoZ4bZDrNKECJeWTcxogGIZKfAJ%2B4mmvnS0sWR7FBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e31cdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
why-not-take-dental-nurse-apprentice.jpg
i.kyhistotechs.com/img/bdj-team/44/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kyhistotechs.com/img/bdj-team/44/why-not-take-dental-nurse-apprentice.jpg
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.67.154.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35dac6b95460ca052f5d38f3c34a5b6e511caba02d463a0c9e8e83a96c99b18

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21313
cf-request-id
0a2023f84d0000cdbf4a1f1000000001
last-modified
Thu, 05 Dec 2019 13:47:11 GMT
server
cloudflare
etag
"5341-598f52a85a905"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZIXmT%2BupxFADwHimRDTqaEIya6zjipvUJ1tDvsVobP1Fp%2FoDSVT%2BzxVBmduKDwBRnQ5UbSuYgSRSFAjS78p1Y2Uo1PpFQs0k42ShmU8V2VyhTbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513a2a07e1fcdbf-CDG
expires
Wed, 18 May 2022 08:15:01 GMT
gw.js
site2text-2021.web.app/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site2text-2021.web.app/gw.js?0.6893652344038645
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.4290677314170386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
91d1623076be1a2861200391ceb79b7cd2cfe5e74dbfeb65ec083702f9e6644b

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
MISS
x-served-by
cache-cdg20761-CDG
server
Google Frontend
x-timer
S1621325701.222998,VS0,VE341
etag
W/"a00-umAaTWj9n9wCqoZALidXMjsGq+Y"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
22302362ca6f11b0c11f8374533f86ec
cache-control
private
function-execution-id
shlwdutl8icx
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
1349
na.nawpush.com/tags/ 		759 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/1349
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a53fe9364b05a9197587bcf2658008865dc55c5e2d645e6c50ecb209b7d0c80d

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 18 May 2021 08:15:01 GMT
cache-control
max-age=300, public
server
nginx/1.18.0
content-type
application/json
x-proxy-cache
HIT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51347e5b4036f4ff0a92ba97e5daef833e73439c5a3ff34e530179da33082cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49781
x-xss-protection
0
server
cafe
etag
6222799596991222010
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:01 GMT
checkabuse
cdn.zx-adnet.com/ 		56 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.7174942274309799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
MISS
content-length
65
x-served-by
cache-cdg20723-CDG
server
Google Frontend
x-timer
S1621325702.508791,VS0,VE207
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
55840d5a3faac1ce226af5b80c90afe1
cache-control
max-age=3600,public
function-execution-id
lugtk332ce4l
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame 5145 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210511/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 17 May 2021 20:24:49 GMT
expires
Mon, 31 May 2021 20:24:49 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
42612
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csub.js
js.wpushsdk.com/npc/sdk/wpu/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 18 May 2021 09:15:01 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.js
script.clickadilla.com/in-stream-ad-admanager/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.clickadilla.com/in-stream-ad-admanager/build.js
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f87e2c64ec4e379f05f14f83bb0ad9c454672f03adbdafa64fe7bc53f8aa4a69

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
last-modified
Wed, 13 Jan 2021 15:59:10 GMT
server
nginx/1.12.2
etag
"5fff18ce-319b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
content-length
12699
x-proxy-cache
HIT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9277.kTKj0GRhn1btT83g2r5VyiQenx_4jbrXCO9Jo-ZxMYUXIn5Jl0r0RYSnlx9Je3mP.P3X0KbB0XuGDc-c8zD-XS3YLJ8M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9277.TgypPGw0nfX6LQuknEuozup1I-88C-UrGCeZ1FxVf33HgJx8TFqB9rk9ev5A5fLj9eJ2ATH0fYpq5tlo8qq3Ug%2C%2C.P_rGr3LxgMbF3R_EBNNCafNCAzQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9277.TgypPGw0nfX6LQuknEuozup1I-88C-UrGCeZ1FxVf33HgJx8TFqB9rk9ev5A5fLj9eJ2ATH0fYpq5tlo8qq3Ug%2C%2C.P_rGr3LxgMbF3R_EBNNCafNCAzQ%2C
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9277.TgypPGw0nfX6LQuknEuozup1I-88C-UrGCeZ1FxVf33HgJx8TFqB9rk9ev5A5fLj9eJ2ATH0fYpq5tlo8qq3Ug%2C%2C.P_rGr3LxgMbF3R_EBNNCafNCAzQ%2C
date
Tue, 18 May 2021 08:15:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
last-modified
Fri, 14 May 2021 18:55:24 GMT
etag
"609e8948-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 18 May 2021 09:15:01 GMT
single
translate.googleapis.com/translate_a/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/single?client=gtx&sl=ru&tl=da&dt=t&q=%3Cp%3E%20%D0%9D%D0%B5%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D1%81%D1%82%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B4%20%D1%81%D0%BE%D0%B1%D0%BE%D0%B9%20%D0%BD%D0%B5%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B8%D0%BC%D1%8B%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D1%87%20%D1%82%D0%B0%D0%BA%D0%B8%D1%85%2C%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%BE%D1%85%D1%83%D0%B4%D0%B5%D1%82%D1%8C%20%D0%B7%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E%20%D0%BD%D0%B0%2010%20%D0%BA%D0%B8%D0%BB%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC.%20%D0%94%D0%B0%2C%20%D1%8D%D1%82%D0%BE%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%81%D1%8F%2C%20%D0%BD%D0%BE%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D0%B6%D0%B0%D0%BB%D0%B5%D1%82%D1%8C%20%D1%81%D0%B2%D0%BE%D0%B9%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%BC.%20%D0%AD%D1%82%D0%BE%20%D0%B4%D0%B0%D0%B6%D0%B5%20%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%20%D0%B8%20%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%20%D0%BD%D0%B5%20%D0%B1%D1%83%D0%B4%D0%B5%D1%82%20%D1%80%D0%B0%D0%B4%D0%BE%D1%81%D1%82%D0%BD%D1%8B%D0%BC.%20%D0%9D%D0%B5%20%D1%81%D1%82%D0%BE%D0%B8%D1%82%20%D0%BE%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D1%81%D0%B2%D0%BE%D1%8E%20%D0%BB%D0%B5%D0%BD%D1%8C%20%D0%B8%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D1%87%D1%82%D0%BE%20%D0%BD%D0%B0%D1%87%D0%B8%D0%BD%D0%B0%D1%82%D1%8C%20%D1%85%D1%83%D0%B4%D0%B5%D1%82%D1%8C%20%D0%BB%D1%83%D1%87%D1%88%D0%B5%20%D0%BD%D0%B5%20%D1%81%20%D0%BF%D0%BE%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0%2C%20%D0%B0%20%D1%81%D0%BE%20%D0%B2%D1%82%D0%BE%D1%80%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%B8%D0%BB%D0%B8%20%D1%81%D1%80%D0%B5%D0%B4%D1%8B.%20%D0%97%D0%BD%D0%B0%D1%87%D0%B8%D1%82%2C%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%20%D0%B5%D1%89%D0%B5%20%D0%B6%D0%B5%D0%BB%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B1%D0%BE%D1%80%D0%BE%D1%82%D1%8C%D1%81%D1%8F%20%D1%81%20%D0%BB%D0%B8%D1%88%D0%BD%D0%B8%D0%BC%20%D0%B2%D0%B5%D1%81%D0%BE%D0%BC%20%D0%BD%D0%B5%20%D0%BE%D1%87%D0%B5%D0%BD%D1%8C%20%D0%B2%D0%B5%D0%BB%D0%B8%D0%BA%D0%BE.%20%3C%2Fp%3E%3Cp%3E%20%D0%9D%D0%B0%D1%87%D0%B8%D0%BD%D0%B0%D1%82%D1%8C%20%D0%BF%D0%BE%D1%85%D1%83%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D1%81%20%D0%BB%D0%B5%D0%B3%D0%BA%D0%BE%D0%B9%20%D0%B4%D0%B8%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BD%D0%B5%D1%81%D0%BB%D0%BE%D0%B6%D0%BD%D1%8B%D1%85%20%D1%83%D0%BF%D1%80%D0%B0%D0%B6%D0%BD%D0%B5%D0%BD%D0%B8%D0%B9.%20%D0%9F%D1%83%D1%81%D1%82%D1%8C%20%D0%B2%D0%B5%D1%81%20%D0%B1%D1%83%D0%B4%D0%B5%D1%82%20%D1%83%D0%B1%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%BC%D0%B5%D0%B4%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%2C%20%D0%BD%D0%BE%20%D0%B7%D0%B0%D1%82%D0%BE%20%D1%83%D0%B2%D0%B5%D1%80%D0%B5%D0%BD%D0%BD%D0%BE.%20%D0%92%20%D0%BF%D1%80%D0%B8%D0%BD%D1%86%D0%B8%D0%BF%D0%B5%20%D0%B5%D1%81%D1%82%D1%8C%20%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D0%B2%D1%81%D0%B5%2C%20%D0%BD%D0%BE%20%D0%B2%20%D0%BC%D0%B0%D0%BB%D1%8B%D1%85%20%D0%BA%D0%BE%D0%BB%D0%B8%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B0%D1%85%2C%20%D1%82%D0%B0%D0%BA%20%D1%87%D1%82%D0%BE%20%D0%BD%D0%B5%20%D1%81%D1%82%D0%BE%D0%B8%D1%82%20%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D1%81%D0%B5%D0%B1%D0%B5%20%D0%B2%20%D0%BB%D1%8E%D0%B1%D0%B8%D0%BC%D1%8B%D1%85%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8F%D1%85%2C%20%D0%BD%D0%BE%20%D0%B2%20%D1%80%D0%B0%D0%B7%D1%83%D0%BC%D0%BD%D1%8B%D1%85%20%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B0%D1%85.%20%3C%2Fp%3E%3Cp%3E%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%B7%D0%BD%D0%B0%D1%87%D0%BD%D0%BE%20%D0%B4%D0%BE%D0%BB%D0%B6%D0%BD%D0%BE%20%D0%B1%D1%8B%D1%82%D1%8C%20%D1%82%D0%B0%D0%B1%D1%83%20%D0%BD%D0%B0%20%D0%B8%D0%B7%D0%BD%D1%83%D1%80%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%B4%D0%B8%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D0%B7%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B0%D0%B1%D0%BB%D0%B5%D1%82%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%BE%D1%85%D1%83%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F.%20%D0%AD%D1%82%D0%BE%20%D1%81%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%BE%20%D1%81%20%D1%82%D0%B5%D0%BC%2C%20%D1%87%D1%82%D0%BE%20%D0%BF%D0%BE%20%D0%BE%D0%BA%D0%BE%D0%BD%D1%87%D0%B0%D0%BD%D0%B8%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%82%D0%B0%D0%BA%D0%B8%D1%85%20%D0%BC%D0%B5%D1%82%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BD%D0%B5%D0%BE%D0%B6%D0%B8%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%2C%20%D1%82%D0%BE%20%D0%B5%D1%81%D1%82%D1%8C%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%BC%20%D0%B7%D0%B0%D1%82%D0%B0%D0%B8%D1%82%D1%81%D1%8F%2C%20%D0%B0%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%20%D0%BA%D0%B0%D0%BA%20%D0%BD%D0%B0%D1%87%D0%BD%D0%B5%D1%82%20%D0%BF%D1%80%D0%B8%D0%B1%D0%B0%D0%B2%D0%BB%D1%8F%D1%82%D1%8C%20%D0%B2%D0%B5%D1%81.%20%3C%2Fp%3E&format=html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.900126379585894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0850cd2d325ed644fc1706d5384f7a6421d63040a385b8b896ead672fe2fc30a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-c6YpJN4agALPHnQDUuq0Nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-c6YpJN4agALPHnQDUuq0Nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
single
translate.googleapis.com/translate_a/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/single?client=gtx&sl=ru&tl=da&dt=t&q=%3Cp%3E%20%D0%9D%D0%B5%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D0%BB%D0%B5%D0%BD%D0%B8%D1%82%D1%8C%D1%81%D1%8F%2C%20%D1%81%D1%82%D0%BE%D0%B8%D1%82%20%D0%B7%D0%B0%D0%BD%D1%8F%D1%82%D1%8C%D1%81%D1%8F%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BE%D0%BC%20(%D0%BF%D0%BB%D0%B0%D0%B2%D0%B0%D0%BD%D1%8C%D0%B5%2C%20%D0%B1%D0%B5%D0%B3%2C%20%D1%85%D0%BE%D0%B4%D1%8C%D0%B1%D0%B0%2C%20%D1%82%D0%B0%D0%BD%D1%86%D1%8B%20%D0%B8%20%D1%82%D0%B0%D0%BA%20%D0%B4%D0%B0%D0%BB%D0%B5%D0%B5)%2C%20%D0%B2%D0%B5%D1%81%D1%82%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BE%D0%B1%D1%80%D0%B0%D0%B7%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%2C%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D0%BB%D0%B8%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%81%D0%B2%D0%BE%D0%B5%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B5.%20%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B9%20%D0%BF%D1%80%D0%B8%D0%B5%D0%BC%20%D0%BF%D0%B8%D1%89%D0%B8%20%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD%20%D0%B1%D1%8B%D1%82%D1%8C%20%D0%BD%D0%B5%20%D0%BF%D0%BE%D0%B7%D0%B4%D0%BD%D0%B5%D0%B5%20%D1%88%D0%B5%D1%81%D1%82%D0%B8%20%D1%87%D0%B0%D1%81%D0%BE%D0%B2%20%D0%B2%D0%B5%D1%87%D0%B5%D1%80%D0%B0%2C%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%20%D1%8D%D1%82%D0%BE%D0%B3%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%20%D0%B2%D1%8B%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B5%D1%84%D0%B8%D1%80.%20%D0%A5%D0%BE%D1%80%D0%BE%D1%88%D0%BE%2C%20%D0%B5%D1%81%D0%BB%D0%B8%20%D0%B5%D1%81%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D1%8C%20%D0%BF%D0%BE%D1%85%D0%BE%D0%B4%D0%B8%D1%82%D1%8C%20%D0%B2%20%D1%81%D0%B0%D0%BB%D0%BE%D0%BD%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%BB%D0%B5%D0%BA%D1%81%20%D0%B0%D0%BD%D1%82%D0%B8%D1%86%D0%B5%D0%BB%D0%BB%D1%8E%D0%BB%D0%B8%D1%82%D0%BD%D1%8B%D1%85%20%D0%BF%D1%80%D0%BE%D1%86%D0%B5%D0%B4%D1%83%D1%80.%20%D0%96%D0%B5%D0%BB%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BE%D0%B1%D1%8F%D0%B7%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%20%D0%B4%D0%BE%D0%B1%D0%B8%D1%82%D1%8C%D1%81%D1%8F%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%B3%D0%BE%20%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D1%82%D0%B0.%20%3C%2Fp%3E&format=html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.900126379585894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e61f59487c2f8e3462591408a9231e5b0e0494967ec9456c2e15b1f820669e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iuD3v5/74BGThYFkZ5LAOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-iuD3v5/74BGThYFkZ5LAOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/56316286/
Redirect Chain
  • https://mc.yandex.com/watch/56316286?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a...
  • https://mc.yandex.com/watch/56316286/1?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf...
203 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56316286/1?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A953172915902%3Ahid%3A688765238%3Az%3A120%3Ai%3A202105180101501%3Aet%3A1621325702%3Ac%3A1%3Arn%3A787307588%3Au%3A1621325702468357304%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621325700685%3Ads%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C416%3Adsn%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C416%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621325702%3At%3AMlpa%20%D7%9B%D7%A9%D7%99%D7%98%D7%AA%20%D7%A1%D7%A7%D7%A8%20%D7%A8%D7%90%D7%A9%D7%95%D7%A0%D7%94%20%D7%9C%D7%92%D7%99%D7%9C%D7%95%D7%99%20%D7%9E%D7%99%D7%A7%D7%A8%D7%95-%D7%94%D7%A9%D7%9C%D7%9B%D7%95%D7%AA%20%D7%95%D7%9E%D7%99%D7%A7%D7%A8%D7%95%D7%90%D7%99%D7%93%D7%99%D7%A7%D7%A6%D7%99%D7%95%D7%AA%20%D7%91%D7%97%D7%95%D7%9C%D7%99%D7%9D%20%D7%A2%D7%9D%20%D7%A4%D7%99%D7%92%D7%95%D7%A8%20%D7%A9%D7%9B%D7%9C%D7%99%20%D7%9E%D7%A7%D7%95%D7%A9%D7%A8%20%D7%9C-%20x%20-%20%D7%92%D7%A0%D7%98%D7%99%D7%A7%D7%94%20%D7%91%D7%A8%D7%A4%D7%95%D7%90%D7%94
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f2137138f48eaa86b3d2317e81d7ba6a1d3e49d54a83319069fcd47513e7f13e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 18-May-2021 08:15:01 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:01 GMT
last-modified
Tue, 18-May-2021 08:15:01 GMT
location
/watch/56316286/1?wmode=7&page-url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A953172915902%3Ahid%3A688765238%3Az%3A120%3Ai%3A202105180101501%3Aet%3A1621325702%3Ac%3A1%3Arn%3A787307588%3Au%3A1621325702468357304%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621325700685%3Ads%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C164%2C0%2C%2C%2C%2C416%3Adsn%3A18%2C96%2C134%2C5%2C0%2C0%2C%2C162%2C0%2C%2C%2C%2C416%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621325702%3At%3AMlpa%20%D7%9B%D7%A9%D7%99%D7%98%D7%AA%20%D7%A1%D7%A7%D7%A8%20%D7%A8%D7%90%D7%A9%D7%95%D7%A0%D7%94%20%D7%9C%D7%92%D7%99%D7%9C%D7%95%D7%99%20%D7%9E%D7%99%D7%A7%D7%A8%D7%95-%D7%94%D7%A9%D7%9C%D7%9B%D7%95%D7%AA%20%D7%95%D7%9E%D7%99%D7%A7%D7%A8%D7%95%D7%90%D7%99%D7%93%D7%99%D7%A7%D7%A6%D7%99%D7%95%D7%AA%20%D7%91%D7%97%D7%95%D7%9C%D7%99%D7%9D%20%D7%A2%D7%9D%20%D7%A4%D7%99%D7%92%D7%95%D7%A8%20%D7%A9%D7%9B%D7%9C%D7%99%20%D7%9E%D7%A7%D7%95%D7%A9%D7%A8%20%D7%9C-%20x%20-%20%D7%92%D7%A0%D7%98%D7%99%D7%A7%D7%94%20%D7%91%D7%A8%D7%A4%D7%95%D7%90%D7%94
strict-transport-security
max-age=31536000
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:01 GMT
__ZXCONSENT.ZxGetConsent
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		179 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6513a2a3df5a1f29-FRA
cf-request-id
0a2023fa6800001f29683b5000000001
clickadilla-vast.min.js
script.clickadilla.com/pb/downloads/latest/ 		45 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.clickadilla.com/pb/downloads/latest/clickadilla-vast.min.js
Requested by
Host: script.clickadilla.com
URL: https://script.clickadilla.com/in-stream-ad-admanager/build.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
df36bed7ac88363df08505fdfdfefc4a6a08055a2f548bf4fcccb92175ba4b9d

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:01 GMT
last-modified
Wed, 21 Oct 2020 22:54:47 GMT
server
nginx/1.12.2
etag
"5f90bc37-b5be"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
content-length
46526
x-proxy-cache
HIT
swmr
site2text-2021.web.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://site2text-2021.web.app/swmr?r=0.013861788677369535
Protocol
H2
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://heb.kyhistotechs.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
function-execution-id
mumv4j8ik9rs
server
Google Frontend
x-cloud-trace-context
28e3d99cf3f6985b12fe2f80fe2de570;o=1
x-country-code
FR
x-orig-accept-language
en-US
x-powered-by
Express
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:02 GMT
x-served-by
cache-cdg20777-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1621325702.811352,VS0,VE196
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
swmr
site2text-2021.web.app/ 		76 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://site2text-2021.web.app/swmr?r=0.013861788677369535
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.900126379585894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
17ef0d07a33c84e6db0934329318518a6e48f6216e9439fd39b3b08b28bc6df4

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
MISS
x-served-by
cache-cdg20777-CDG
server
Google Frontend
x-timer
S1621325702.028511,VS0,VE494
etag
W/"4c-o5vUS+QX12aKyVLVhueU2GznuJ8"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
70a54b975cc39981fca2773eb63d8fc3
cache-control
private
function-execution-id
ztsu8tvmymgs
accept-ranges
bytes
x-orig-accept-language
en-US
x-country-code
FR
x-cache-hits
0
sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/ 		341 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.773057,VS0,VE1
etag
"acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by
cache-cdg20723-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Tue, 18 May 2021 08:15:01 GMT
accept-ranges
bytes
content-length
67025
x-cache-hits
1
ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/ 		230 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.894266,VS0,VE1
etag
"dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by
cache-cdg20723-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Tue, 18 May 2021 08:15:01 GMT
accept-ranges
bytes
content-length
37832
x-cache-hits
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
3db9a71ec980a39f134883ecc67767ad0061e735f7d459a58d23094928c730ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"875 / 983 of 1000 / last-modified: 1621310715"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21384
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/optr_19071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
277c897ff7cebee9d7caee6da53dee9f527e7c91eaa3c5efa13786396153c517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"875 / 731 of 1000 / last-modified: 1621310715"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21383
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.15387319986850923
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.4269685938456902
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.4269685938456902
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.4269685938456902
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.2869069878760393
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.9975474862866753
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9975474862866753
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9975474862866753
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.9445964926353048
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.10218862657020167
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.10218862657020167
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.10218862657020167
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.14412348042450862
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.730396599194989
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.730396599194989
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.730396599194989
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.6665465572642817
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.6480092812629705
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.6480092812629705
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.6480092812629705
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.7526254347236405
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.9214696810340461
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9214696810340461
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.9214696810340461
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.497279881963993
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.07016313305244548
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07016313305244548
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07016313305244548
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.6164335870698139
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.07653924549427615
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07653924549427615
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.07653924549427615
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.38273841909021966
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.7848339430200646
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7848339430200646
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7848339430200646
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.25355641035409415
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.7475009125812513
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7475009125812513
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.7475009125812513
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.15645443948386428
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.8596856264689017
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.8596856264689017
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.8596856264689017
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
/
mc.yandex.ru/watch/54496171/OPTR/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/54496171/OPTR/?r=0.6314580430148911
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22OPTR%22:{%22heb.kyhistotechs.com%22:{%22https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044%22:%22%22}}}&r=0.0812450894697585
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.0812450894697585
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
last-modified
Tue, 18-May-2021 08:15:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22OPTR%22%3A%7B%22heb.kyhistotechs.com%22%3A%7B%22https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044%22%3A%22%22%7D%7D%7D&r=0.0812450894697585
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 18-May-2021 08:15:02 GMT
pubads_impl_2021051301.js
securepubads.g.doubleclick.net/gpt/ 		306 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 08:39:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110161
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702238&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1459&adks=2329093563&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b159c7bbc17d80e5d1cf04ca0f5c67e40d586018deb9bd91076ffe78bfe2d484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4545
x-xss-protection
0
google-lineitem-id
5171125673
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287501920
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702243&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1787&adks=2190016219&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5562db3a39e64cde5387cd8dc85784020cdab66d6a87f08a3cad33513ca752bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4607
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287458802
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702245&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2318&adks=693584274&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
22befba6435a573d830a45ae193866b3bc3506872de5d91ed538b4563119ddb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287768008
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702246&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3004&adks=811477607&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5c47b56794c209923e8d5bbfe7950ccead211b951ab0916f09c9479ea7d2a1ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4465
x-xss-protection
0
google-lineitem-id
5121403870
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275959523
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702247&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3598&adks=3295613438&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f2b63a6e0f232a5bcbd831be980d236de19bc8b1b65bc047bb05601dc4248c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4512
x-xss-protection
0
google-lineitem-id
5171125673
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287085621
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702248&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4361&adks=3845656325&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
766ac668c71292100c2d78f30c5a09932eaee1b2d8b19de53f533f55a81c7943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4598
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287458532
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702249&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=7254&adks=946864743&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
618e2e1617cd3d9be3cd35cf8c2b3d87db8fe38756e8c5272de5ee44a59fbd7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4584
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287767570
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702250&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=7718&adks=2689175346&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0c0ff321dd07d1fa16419c1de4b6de65c7c4ada2f835bebd3afe15cde9f23696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4488
x-xss-protection
0
google-lineitem-id
5121403678
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275927787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702251&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=8006&adks=367589508&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2db09ce486409eba9eb631b70e3f13faf885c7c110c0aaab314d5bbfab660b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4579
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287458805
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702252&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=8380&adks=3155406808&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f1a2dd12c618ca2bc0edb51349864f5f2edae68f8b9e8064d97da2bff458e6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4304
x-xss-protection
0
google-lineitem-id
5171125673
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287983726
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702253&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=8690&adks=2819033388&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
11bb17ebca96d704d9f3deb9e97360ef1cd8cddbf855ae78c1e9007d37b37932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4575
x-xss-protection
0
google-lineitem-id
5121405043
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138276240397
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3889155373353749&correlator=2237496517106007&output=ldjh&impl=fif&eid=31060842%2C31060989%2C31061161%2C31060398&vrg=2021051301&ptt=17&gdpr_consent=CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20210518&iu_parts=60274849%2CZX-OPTR&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site_domen%3Dheb.kyhistotechs.com%26site_topdomen%3Dkyhistotechs.com%26site_referrer%3D%26site_hash%3D%26keywords%3DMlpa%2520x%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fheb.kyhistotechs.com%252Fmlpa-first-screening-method-43225044&cookie_enabled=1&bc=31&abxe=1&lmt=1621325702&dt=1621325702254&dlt=1621325700937&idt=1257&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=8998&adks=3508879357&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fheb.kyhistotechs.com%2Fmlpa-first-screening-method-43225044&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x-1&msz=750x-1&ga_vid=11510617.1621325702&ga_sid=1621325702&ga_hid=1444429922&ga_fc=false&fws=4&ohw=1600&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
426ca72f90df53edd7703504b2b77cf1f3a68a5b00bf9c594c7164614dba632e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4522
x-xss-protection
0
google-lineitem-id
5171125673
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287983438
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heb.kyhistotechs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6CE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3dsf9el_5SW53MafG-zRDdQAxTttCR1R1YB0lBrd345p58hZOMjIC-TziZ92xP6zW-tHlVH-XpP2WEpNvODBfO4Wmn7_Hrkdr8RXfLg4lrfnjgZXxPtE_oKg3cu6QEx4DM38FClPfJw05uuzJ7yJ84HFnG1GhjgINEr3UtDjHPUmA6NFCrdAjPQuFSSaESNDluVULulskOWkO7O3dORAmG35Wk6LURe2ABWB1ac2vPeJu_vjfCyAUJ4_nZL_pH9AH6JmsZU2oPdJ4Jkxor0s7jT1HoZ61f2MRUJkVJkEbXw&sai=AMfl-YTufspFaD4kqRpjU7ZAe7q2JoP9CCksdeYR7lL960-g-ONeiM54Cv7xtb2GKiVdZF6nRA9sdThmrDRD1l09JHLhwZFc8B3vvRD8mw6jElgde4V0bia3NBeOK8IPOmU&sig=Cg0ArKJSzFaWUIy5_HQWEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.24
bk.jampartizan.com/OPTR/ Frame 6CE0 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/OPTR/HEBzxvr.24
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36cabc986091bcbd968af2321f30dcb7470f5471f6fce0d59f06bf8707dc7241
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.435185,VS0,VE1
etag
"20986735871b23fdf651cab058cca2e8995ea9fc54bbee8ebba121f081fb0947-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1172
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CE0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251140663589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b551990c8c74572879cda1acb611b41538978b865ba0b6c6a06bd3096c4d6f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7746
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A763 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-R5bQePmGBl8mM8zZJx-vGUPQOEYyiqw_hKSkGNAzCVeyJhjgNk0W5uOJDWkTBnghFDli3pXq8Qgn9RcbmJMlh6Ii_uG43u7DDAK7FmkacIO7h87RuHVuSmVuUpS9TaNnzgb0IpE6iQy0Z-lJRGnhTGOjtqIOWqRTF1aCNLIzRHhC5ym2L3vqRCYM3GvEPEO69_0uAQbkBQZSlMnBVoykrwY1EKFYmQVjiX-kAKgMRGoN-connPgPKBbeKpV16F161KOGgva9nQMa-IHKrcQ70tTlH_kkUlzgVzQ&sai=AMfl-YRjxof1qbDsXspCFo9wV6YpJ_xQ44pYVdEl4D29Sq8ASGuKeWRKu2d3Hon4B2CxClIA-0XKLn8C4CZGsLFfj1fxeNVRDBXM0magzqrPft_ygfFaITcd1tsUdHgvKgxB&sig=Cg0ArKJSzO2Ud8HUx8VCEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.87
bk.jampartizan.com/ZXM/OPTR/ Frame A763 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.87
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.435295,VS0,VE267
etag
"629bdb77bd34cfd294109a1585d5c643b6680e2abccef7e380ae44297360d399-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A763 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1DB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslvs14X-Adj-22aeG5MWIOP6N4C8f6i79iUT50DgkcG71HRrxulO0KTFJGlG_lFRolQ2OpzXOUi_2buI8HfzPqE65hJA1UhypB7g9SdjzR_qHvV8fMfXvxqDWXtHLgzPmmDUH-nemSlO-JDqDyvITpuZ-DI7wcS5E7HUb0s46lxu_UIMmJELT_P5eSrzea9ytaDNKI2u7RkJaOB7uaTYTefSmNATZxsns_TM6jkV24rcFUMJ1NqvovGVrQO1-TCGcaihMpU2HI2tvUIf2acnMlkLN-LxZp3EyA1TA&sai=AMfl-YQORoqTHaPAKRxXipp5HYMB40yT_x_oE_T3QH0ki3iB9g0Bm8IvMfP-3dE9V8xl4AMkdyJmlzpc6xyD6S7f1b1gYxX9BbGMYn8FlwJU0q3DGEOeD3HsJG1iEhdF9tU&sig=Cg0ArKJSzBKLkeBtz7hHEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.71
bk.jampartizan.com/OPTR/ Frame 1DB7 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/OPTR/HEBzxvr.71
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.435319,VS0,VE1
etag
"5db9ef402720077858a455ea019397b4f995b3f9a43e983a271a7f5dc41a2f58-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DB7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 89B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5w88NaWzFru-l95gjE0pZc80_I_OIfKjJ_I1XQkongvpQAps7sr632gtdfHI8GEV0afj2ICHbv6zAOJcwKpb9q5_bCluTFVzJuXjRPPfqaQx30eRnxZL4UTPnTFFR8tqJXGQHo7s2-RSRIY3jdf7uIn8ooTsdH05LXPw5TZXEMsG6EJXn-wdlW9j7EnZg6xNdFxfEW3FMwhMbsJXGtGDYT-lbfzuMxXP58zMfud4Hs-89Ok48ZwWPJoRktTpP2IxC10mu_d9iibH5lm29d2eGyVN0vHom7boAYYQ&sai=AMfl-YSzUyfA6ezSwjksx6UaNO0HkUrphpdN6Hwbww2qtQ-NXJG9R8ITffDONwcuvtX7o4GP8l7VpQNT-JE_Mo9P0YOCafOBtv2LlMKLZBnb2t8OinIh6IrFZpObi1Qugvg&sig=Cg0ArKJSzEXSXzwJgGGpEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.34
bk.jampartizan.com/ZXM/OPTR/ Frame 89B0 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.34
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.435303,VS0,VE265
etag
"dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1174
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 89B0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B340 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucYj-Edn3_7mCqgHC7_MSmOoSsISqefmxPpbEgg2_tb7x5zKq0NMbGJBDXyejzvZZU-wE9grYxIhS5GMoqDY8I1TQoTQtmy3sAQ6e1FdnyFdT2ECXyUZJJA6obHdpCeaumKUp3FY9Fc-JTGisFd-wceoqTIXeJyCm9u6u31keCfUggZvpkJlfOApBJKkLn9rhBm336S_-tvtMoZaNBB6kdU_1py60V-IS4BZkLf4VPF3clANMP9QzfeGMw3dtcBZXx9mYq4ccVC0pZnStKsmMligFbY2NHabNXomQ&sai=AMfl-YRF53Rc7CbeCf1kVQRfaJMXpWQLn4T4g66pMvUtbdg81XSCCI2qhzIX3izps5MyZdnRR_IGObKfakuwKYl-13PrlEtVjfBrKIPNEXza2HGKta2EFokUmBvbddXCJ_0&sig=Cg0ArKJSzLrBuBete7HxEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B340 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d17adaaabf3ba39770ae3d30bc54f04fd0499787cc9dbe27ea94fcda79dab1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34496
x-xss-protection
0
server
cafe
etag
12910579499862359881
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B340 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C138 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYd1r-jIv9eeMQKjaKRgwTTUjxPqxu92X-svT1xGGabtY3dDLjy0JwS8KejinHoB_ejLLIrDRI0GcFUzIjYlFc4j9jJ900q73J1SMdhneacBXny9o4KVikDoIKlavIsR15I3lVsKwqbQhvMZMVD_bQs2dg1aWAHBk-ymxf_TaFIpG5_CctzLHiHLggqSKOGy1cUiEL_cppFKlqYFf4jRS2SVWkvShaV4k7RGyU_yT1d9-QV_1w56OBDej5F3hwVa0yZtKF6-tdfTiuk5lY4KpLAVXAkK9U23qo39Q&sai=AMfl-YQAU8xMT6EuU6w3EOkCYjHr6p-BUUDtM_Wte_rF66MRDe7pRfmrHHzbd0W7ae_mgIU6py9BwHzdQvLxZ8PzN0mECcpWKR8LIuS0rcTNZDaiYBWqkzwXhCiLweGk960&sig=Cg0ArKJSzHVD0N1NBN74EAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.47
bk.jampartizan.com/ZXM/OPTR/ Frame C138 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.47
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.435279,VS0,VE262
etag
"dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1174
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C138 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 94BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttxVlXIgMuzhVLdjqmfXVZCOX25esVXXufJzlw4TnruSWhKBUCb0GQ-H_Fbi-LdDh6cj-xjaX28Duv7Yp7f4hy-8xMbwX7eCmdy0anBWW-wN96BrYF-w4NXrXxuIe6xgUy8drsDlLeLAF6lyWui0V2OfaI2At7ksjMAER3EhSVn2CsVW4svGg1vsLYU12PE9Y0odCDzIW88J5S_gP9geyhHtLAsWI3ing2h_SRF58aeTcOtKD5tzlp2zOhyHUrZlMure0F1SsM8xh0XAlv4qbuN9r9nqQFEGPmIE0&sai=AMfl-YQJALqjmbbmoOottsCctDpY-zxyM0-9wkvVhTHVyImjcD6oETTewchrp76bKWawx5n2MeYXRFndxhGyDEOW0mz-91cuDPykNQ7YzVwItxBB1yrKqEwSJqaJx9BschU&sig=Cg0ArKJSzA_696RbU1eoEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.80
bk.jampartizan.com/ZXM/OPTR/ Frame 94BE 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.80
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.436108,VS0,VE1
etag
"629bdb77bd34cfd294109a1585d5c643b6680e2abccef7e380ae44297360d399-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94BE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AB47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueHFVYtphiBoBlwKRB9KrN6b8mxVk1MDTqkXOgOEDIFN6VLCNftcM6irFM58wjfw2zaN4Nkc5hJrQ5X47Xu163PzON0M08H3chM6k3pNOcbSY6yPYZzeKe6P4sf1LgjhQ8JFfSIbgZRvc1JI7bp1LRB4S_xpvdwEc1zKSLW_C-n-EDWHDV9L1GYWLzv-akO89L05VelrDzcFASndXvkxlaGarpf5geD8d76rfmr53LjNdhGBCXttPkPB79LeXqvpv2xQHkUZxb8Yxv_HfcexvpvAHt22Z6iwGluv0&sai=AMfl-YSt3e6DUhSrDgCzdVQGyxogJAl9crTcqCviYvpOO9bZDTtkENrgORjaUosk9SqgJFWl0zSo-BX-Yguq3TriwY4Q1oXO61d5JHR46gcHv-jxifpzN2z9-9sQ7U2BFAU1&sig=Cg0ArKJSzGo6k168-xsDEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:02 GMT
HEBzxvr.79
bk.jampartizan.com/ZXM/OPTR/ Frame AB47 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.79
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.444496,VS0,VE390
etag
"629bdb77bd34cfd294109a1585d5c643b6680e2abccef7e380ae44297360d399-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB47 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2A96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaCTZzcnbmDnUoc5kDav0KMVAxg46hTtujf_PcyGZFs-HzSGNzKtr25rHdlPs8wozmbUpB8jpxVXIwtlnMv8szgBjD1K5N-IfLtVV1NWq5GpclZdyIZd5hBu5pFvlSiet5z36S9qMoQ6k0CA50lG8XRWhM2tTURg6HerG1xiqi48m_q-J1-FDLKQc_iqj5wMN8JiY3uRxhmC-PQSgvPC9UKmApwxp3sHLdqICXous83ydi0Oz9eJZgy750cZiaZbizFwneaQLz7WByF5L6iJWcTTHGOGMO0QX82TQ&sai=AMfl-YSg8YDzF96OiIQfjSeHU3vq0yRgqMPXK74TFtQXS_cKPeA4RtLbvT1hDzcFbXDdyv6RyouqOD0s05-cSx2JPcsk8MXqD-fU-7mFkJIqZWsAOKug2EN6RnXPk3NrbHc&sig=Cg0ArKJSzMexqfaHSURUEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
HEBzxvr.57
bk.jampartizan.com/ZXM/OPTR/ Frame 2A96 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.57
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.453506,VS0,VE286
etag
"dd615af05cacdee1b2238a974184e481542d79e2bdf91caf64613feab3d739af-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1174
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A96 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 17C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY8FmxK8n331-PbGy6hsFzfZDp9kCc6ziXLm5M8jCE-sVdzH1QvGleMwiomFAjVjZVUvaJRL3eZKTbdIwYtj9slycAJ3PsyJrndmWxKF4sM6LmpdYCXLjgNI7rz4mrZZpBfkiNJbYKsnHxmSZ47QoTMLKTkSjcJd9vK5VLYUrbjszhrfMwO_OUx5iTIAGbyGgL3W93FgbQ2KlzXjZILkjPfTXhI_ruqTw7Et7YWKIfajmuqrDFE9uaXvDdFfjFMMN7s2eE7SjvHWX0KKRdbaOtm9zxGqprveSakEY&sai=AMfl-YStmOLe4hEwfInUXGwttX0SuFirRKTZI3drSjvMyp4faba4WCAsJ2mQVkZZ0bee_bSPXdJHcLxUpL5kPNbfenkpipv1Dbche35OZLCWNel3ZY8m08xlMTIId5iIYg10&sig=Cg0ArKJSzFvsqz30lcc-EAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
HEBzxvr.54
bk.jampartizan.com/OPTR/ Frame 17C1 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/OPTR/HEBzxvr.54
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.461390,VS0,VE283
etag
"5db9ef402720077858a455ea019397b4f995b3f9a43e983a271a7f5dc41a2f58-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17C1 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 51F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4M3PV4mVh6fiO_Q9AG65ToZK81BbTQ1mNyRUF_ckZkG9HeGaSbBeCpQSZPgbC4KOD5mQdLjRvmuSV04-eETw23O-teaIOHqqh7fIY1vhygI9g-J3wNGtza2NOZglFlc4dAakJEansQsfuj3-P_M1pfIaSpdPZHVOIvG6-xdKoVJ8fUsI7cufYPLcBhov8pAChtA8daBO7GQXYZ4tUwGVta8HgvEQOj1-8ib2eAwqmb69tmXv12TpAN2mCXGueCvEGJD1wbqi0wGISk6l8kwKQiOEDvr6HYqiGRwc&sai=AMfl-YTKemNTv9WDZuI1CrXA-tQ3Av3GmwdR6-OdDSC-9EKBSksdS0o21WXHUE172MdutMKcmfxMqJ7LfKv55J4qminKx_j4r4sFqEAwF3YDv4fYAAhj2guh8vqQhC1s58A&sig=Cg0ArKJSzBBP0FTwCc36EAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 51F5 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d17adaaabf3ba39770ae3d30bc54f04fd0499787cc9dbe27ea94fcda79dab1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34496
x-xss-protection
0
server
cafe
etag
12910579499862359881
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51F5 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 15DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTvvm4ffUqgnpIlrNNDMgolCCeC4WYamGyUgaG0jtPCNFJBfuGZkhU-oQ1QDy4Z9-9XTE0euVSXpI3QCZq633UwGZ0-YBXjpxfZvpUn9GMHMdyBXc15DpN7gAatMdFLWucfZJNEscsgS6E1m8kUq_V60Z8Xoo8B_y_LQZXXTyHkUdu5z14nJCLJrQlqwUVF6lOtLXKTFgrgee4j6hesaVWIh1ini5kazEuu_oHFEu-6cJONbMDun7WfQjRJINWbMtYcpiOM8_8RTujSwk00cfNsKWpXMFZstyYFQU&sai=AMfl-YRBUaJEJaFIVcU5zQ-6kJDs6wmsxp7OtOWq_SdEUrOt1DmdthPoH_xr0h7C0PKyByjRCwqbLoY_v6LyNtN6HjO_dxZoCc1EEHxLgZK0BnA581e73IR9Zf9VB7onwqI&sig=Cg0ArKJSzK7ANULCLfQkEAE&urlfix=1&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
HEBzxvr.49
bk.jampartizan.com/OPTR/ Frame 15DC 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/OPTR/HEBzxvr.49
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Tue, 11 May 2021 19:10:09 GMT
x-timer
S1621325702.477834,VS0,VE278
etag
"5db9ef402720077858a455ea019397b4f995b3f9a43e983a271a7f5dc41a2f58-br"
x-served-by
cache-cdg20782-CDG
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Tue, 18 May 2021 08:15:02 GMT
accept-ranges
bytes
content-length
1178
x-cache-hits
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15DC 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
truncated
/ Frame A763 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9133adb19edb051db38b256b5d53b87e47a26e35be94350aab4e438442cf6c2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6CE0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea1999fe16cc8dfea42316a2474ff33727e239a57028c2cb505bb8accf40bb89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 89B0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1962ac6bfdd8486f77bcaaa869de3fd216400776e05cec99912000b20d1673fd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1DB7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0a62f9f000e19c2a048e9741681fc00e3e689cefde0b56aa950aad94104620d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ Frame B340 		223 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84097
x-xss-protection
0
server
cafe
etag
12558658968377452156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:02 GMT
truncated
/ Frame B340 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
154723fafe7db172b71796e6352d76efaa9defdfc4678dad1c5aaba001cfc19d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C138 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
454699456953c6819fcc254f7d2e8e2fce2a2553f2dc54b2b90b0faa7e13ecc5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 94BE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19d48b97b2d882e67430673bc6f45669a21669cdc7bba6d06446b5af3e40ab03

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB47 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969a527d6d4111bea817546cbfb2afcb7b794950324c376b1d55ae360fbf8ef8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2A96 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f440b8bc11f9ad357e3a0ffe7686e6c1db5debac618d633958d043a76337e401

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 17C1 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb350fa1039c2de6df2716ebfc061414f0ac1571bf493480b3023d14825d2bfb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1_optr.html
cdn.zx-adnet.com/adx/ Frame 7888
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2F...
  • https://cdn.zx-adnet.com/adx/1_optr.html
14 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_optr.html
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/HEBzxvr.24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_optr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"9d0c9b3a0f4b769c8b6c776257fdbb9cce27ba1df331691f4a7567e895804df1-br"
last-modified
Tue, 11 May 2021 19:10:09 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:03 GMT
x-served-by
cache-cdg20723-CDG
x-cache
HIT
x-cache-hits
1
x-timer
S1621325703.031346,VS0,VE1
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
2079

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_optr.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 813C 		82 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/HEBzxvr.71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8294fbba07851fe7c83b3ba5171277264661be758f50fb285e75b06e6ebee42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
25608
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame A5CB 		74 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.80
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6681f5cdc1c80bd350bb424cbbaab1210aa6e78d8d3c161b17fc736596351edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
24349
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 15DC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b71997d309df85c7af9202460017796d871fe8d3d669c2fc04111faaf319cf0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ Frame 51F5 		223 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84097
x-xss-protection
0
server
cafe
etag
12558658968377452156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:02 GMT
truncated
/ Frame 51F5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4a2584ceddd13df99b7a25479eddf74349ede781b09cece1979bc26a4713fda

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 89DE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 18 May 2021 08:12:28 GMT
expires
Wed, 18 May 2022 08:12:28 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
154
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DEA5 		783 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
469f732297918fe6a441bc173a8a1f9a169e270528b3f24d4e98132047c708e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OeLY+04F17q2GlQkSh1jtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

expires
Tue, 18 May 2021 08:15:02 GMT
date
Tue, 18 May 2021 08:15:02 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OeLY+04F17q2GlQkSh1jtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 73CC 		82 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.47
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c15708daf03622bb1bb165a413144e8772e11a42c99e1de8fdd559aa03f2d71d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
25596
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 88AE 		103 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.34
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22c834e7d2b7f490fe09912af417180c58bb5594ae3ad263c823dbaf6204abf0
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK_U0PTk0vACFWjhuwgdWz0DuA&gqi=hnejYPbCLsmigAf_8JeQAw&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK_U0PTk0vACFWjhuwgdWz0DuA&gqi=hnejYPbCLsmigAf_8JeQAw&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
37317
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 506C 		58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.87
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f0028cdd04bb9ba31bfec09efc169f090e03a97108da41bf7a305a26d52cab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
15640
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame C394 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.57
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43de677a727214f1316a11a5a0ceb87241b37df2d68a684777f995d324f00952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
8463
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1_optr.html
cdn.zx-adnet.com/adx/ Frame C1BC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2F...
  • https://cdn.zx-adnet.com/adx/1_optr.html
14 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_optr.html
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/HEBzxvr.54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_optr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"9d0c9b3a0f4b769c8b6c776257fdbb9cce27ba1df331691f4a7567e895804df1-br"
last-modified
Tue, 11 May 2021 19:10:09 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:03 GMT
x-served-by
cache-cdg20723-CDG
x-cache
HIT
x-cache-hits
2
x-timer
S1621325703.074741,VS0,VE0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
2079

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_optr.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 89DE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6926
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 51F5 		12 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=heb.kyhistotechs.com&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D2bbdf1768b36eadc-2276e6e815c800b4%3AT%3D1621325702%3AS%3DALNI_MaM2g24zIpesWXS9XgPCrdo_T2ciw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 51F5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 51F5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
1_optr.html
cdn.zx-adnet.com/adx/ Frame 1981
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR&adk=1016022896&adf=272530240&pi=t.ma~as.ZXOPTR&w=728&url=https%3A%2F%2Fheb.kyhistotech...
  • https://cdn.zx-adnet.com/adx/1_optr.html
14 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_optr.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_optr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"9d0c9b3a0f4b769c8b6c776257fdbb9cce27ba1df331691f4a7567e895804df1-br"
last-modified
Tue, 11 May 2021 19:10:09 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:03 GMT
x-served-by
cache-cdg20723-CDG
x-cache
HIT
x-cache-hits
4
x-timer
S1621325703.118508,VS0,VE0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
2079

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_optr.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 51F5 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1621251140663589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B340 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=heb.kyhistotechs.com&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D2bbdf1768b36eadc-2276e6e815c800b4%3AT%3D1621325702%3AS%3DALNI_MaM2g24zIpesWXS9XgPCrdo_T2ciw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B340 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B340 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heb.kyhistotechs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
1_zxm_optr.html
bk.jampartizan.com/adx/ Frame BD03
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM%2FZXM_OPTR&adk=1893897791&adf=816031634&pi=t.ma~as.ZXM%2FZXM_OPTR&w=728&url=https%3A%2F%2...
  • https://bk.jampartizan.com/adx/1_zxm_optr.html
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bk.jampartizan.com/adx/1_zxm_optr.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
498d014cfd917c4d67abfd729667985349392e8caa47798b0053397f7534daac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
bk.jampartizan.com
:scheme
https
:path
/adx/1_zxm_optr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"953453104f259f8ba2eda07f87eed9826c75e0e5377140930057fd581d2540c0-br"
last-modified
Tue, 11 May 2021 19:10:09 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:03 GMT
x-served-by
cache-cdg20782-CDG
x-cache
HIT
x-cache-hits
1
x-timer
S1621325703.245612,VS0,VE1
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
1415

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://bk.jampartizan.com/adx/1_zxm_optr.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame B340 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251140663589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:02 GMT
1_optr.html
cdn.zx-adnet.com/adx/ Frame B177
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2F...
  • https://cdn.zx-adnet.com/adx/1_optr.html
14 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_optr.html
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/OPTR/HEBzxvr.49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_optr.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"9d0c9b3a0f4b769c8b6c776257fdbb9cce27ba1df331691f4a7567e895804df1-br"
last-modified
Tue, 11 May 2021 19:10:09 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Tue, 18 May 2021 08:15:03 GMT
x-served-by
cache-cdg20723-CDG
x-cache
HIT
x-cache-hits
3
x-timer
S1621325703.118261,VS0,VE0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
2079

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_optr.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 360F 		58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/ZXM/OPTR/HEBzxvr.79
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
751acc5ff4010a37b057d56675ff9012607c3941b2463a83f045b2fbddc500e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
15650
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051301&jk=3889155373353749&bg=!RUalRgLNAAY59bwoOfU7ACkAdvg8WotelrLyw64YlYw2WXf7GR4FwXsoinmJcCU4bCyiThMrA0rFYwIAAABVUgAAAAhoAQcKANhG-_ddhat7axAHYVC95tr1imofDJJEbFsDeNHKHU4rIsMQTeZyLYmrWiPEzNCLxjJQ0Fd4Btw2ZtWhu5-In8VuSHD4rkHmKONoJySSPEMTDvqd0f5p2nyBu9g6rThyeZ9QcQ8XS8lTBmq5DgtHsNxeNAs-gaFkgTOGuMBHxfMLmW_Il9VxdOdB6pbM-g3X_tiOF7oNRhnZFwKHxZR0S5oQQEgtalc9r381bSqolgM2gZQ4ydz6HarlBWnaYqXrcca7bIWABBqLT5q0FHBAKmbjhcN06k3XbKCZAkoLHe2Joi-8lM4paSdXSYVsZ-Y-pY7BjwOb3KlN_zNRDTfCLrpkf7fNEy4lnIweO9GgnszYtemPpk2a4_eZuvozN3QPONq_7uUMrvdYrJueKBdTz06Urzt7WcT7b36vrGf9AFbiOY_D5hHCJRk8hYLPtpr7qKfpugoV28Sr7qH7V_Z3shYewo_QRgP2oV4W7kPNpk9v9zui247j-5P6RUIZFZ0vMlWcMhXPbYeGBv5-Hwf57UOcNXIJ4XHIkUMZaHdhk6O9F2fmpXNygghnFxJHcQpjdgneRxZR6qVpvurhdDtRUjCZrnQNm_xso9PbyLN-clLldzLfcUnMMzic5JjvcDfAgKNA1MHU5h4Z0iHgxT2XQun8gy99Qur-T_2qaN8C4k7dJ4EYL5_e5IdhnSTsdOjjBy4BQ2NdQu4KOxin6em91UUSorhqgfBcFIfGhJii5KMixpbSO_AqvkPlGmIaSR28iaCnAPQ82ursihw5xBMn3hhZNpsoBJwKmmSq08dij_bYkhVIfH8nn0bDbbKtEd6iANrVChcw-N8RW4rPtHPn5vaJTLGxSBYnFTeoKuqBQbVHGyQ8UZQEZTUXkIAydERPImjBsCSZvyJUx1wBeWxaHaMcpt5VeWBmxnOTT1XQTUzDZlzzF44_r2HtPPpXjL0SU0ELNF6grhGXXcNEFq9jnZmb6YqxkBzx2KR1BJtWQ1W3hcgEQTXwFfmjOJtgSvVn_8nSr9l1mJQCXnelEoeieWjGCgEXc5-8OJ1PS1ycasco6G0aLB-k
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 73CC 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 06:15:41 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 73CC 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 73CC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 73CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73CC 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 73CC 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 73CC 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 11:35:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
74384
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 11:35:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FF40 		67 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_optr.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea410717102dfd3fda1d1e0e72ae8edc23da61ff25f36aa6a9caaae25d9b104d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.zx-adnet.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
23668
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1358 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2088 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 73CC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
997a5aba7b2ec41a919243bbb8a77c2a20e308a0cac93372973ba1bf104b7f0b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 73CC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
456181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 13 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 73CC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
456212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 13 May 2022 01:31:31 GMT
css
fonts.googleapis.com/ Frame 813C 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 06:15:25 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 88AE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 88AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88AE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 88AE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 768F 		102 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_optr.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f95992e8c53a5714fd94faa9f5680657f30821230bf2f352237b099d50bd1da5
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzM5_Tk0vACFdA04Aodjr0LRA&gqi=h3ejYJfDCM3H7_UP4pCHmAE&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.zx-adnet.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzM5_Tk0vACFdA04Aodjr0LRA&gqi=h3ejYJfDCM3H7_UP4pCHmAE&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
37039
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 813C 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 813C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 813C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 813C 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 813C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame 813C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4VtoBgX54PDWCbLK7k9mg0Gpsh6aB7dj5ezFhFXvPuPjZVJo259A_Iey-g2npHS1KmvxzDXhQE-CvvheiYuiQmaj7GA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 813C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/ Frame B439 		301 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa5fd1bded9123db5891c608047cbad0a42263961c9cee5d1b987d17c5db9dcd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/439731349334692011/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 17 May 2021 10:19:38 GMT
expires
Tue, 17 May 2022 10:19:38 GMT
last-modified
Tue, 11 May 2021 20:10:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
72869
age
78925
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view_pixel_1x1.gif
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 88AE
Redirect Chain
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-160752-134609-8&mkcid=4&mkevt=2&mpt=1519754208&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=542897
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
ebay server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

suppress-x-frame-options
true
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
HIT from include-cache-3:80
akamai-grn
0.b5247e68.1621325704.51668fb6
content-length
57
x-xss-protection
1; mode=block
server
ebay server
date
Tue, 18 May 2021 08:15:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
rlogid
t6q%60uebwh%3D9whhq%60uebwh*stekt%28rbpv6702-1756a7d5019-0xc0
access-control-allow-headers
*
expires
Wed, 18 May 2022 08:15:04 GMT

Redirect headers

Date
Tue, 18 May 2021 08:15:03 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Location
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Cache-Control
private,no-cache,no-store
RlogId
t6baubqsodf%3F%3Ckuvgcp%60tqjfc*i%7Drku%28rbpv670%3D-1797e8aea4a-0x2336
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
0
dpixel
cms.quantserve.com/ Frame 2088 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGT2HT1LNwH_FR8n6_RW8k4&google_cver=1&google_push=AQvitUKZ7JE6E4eTXD5zGtMuNTXbUZMrd_9G5AxmriL6gZvMyOE_4zEaVKTwuovbZLVG4OLkMcsEL6EbzjDKO3Q0QnzPnpNNkE4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2088
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gjKuSlZGvJdSQ4I
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gjKuSlZGvJdSQ4I
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUJurbOnMqGl9OrO1mHmW6Bqe7dOOdSsc7Mp5Hri1tv9PikEOajo7HTC8XVFtm9UEX444fG3daOovafr6gjKuSlZGvJdSQ4I
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 17 May 2021 08:15:03 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2088 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEksMqQcQaj7CaV0osQ-ZHo&google_cver=1&google_push=AQvitUJw7hMBWG7RuZkuhTvlWKDGxWmiTNnI2UH7dWIOYglSWoENYQCApVROu11v6zZNPHCWOF0ZK7YZxL0DycYO1zPIWFi4-vOv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:02 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 2088
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3UYuayCKA1U94mMe3B&google_hm=3_hxlKXrTuaKwnG0Mde47nI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3UYuayCKA1U94mMe3B&google_hm=3_hxlKXrTuaKwnG0Mde47nI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULjFs9gyWIUFy5j6OEVXuyg9Hn9FH5JiqkzwgPBqXZNbm7OSZY1Av9UvCNerWuiFoLhxNOuHoW3cR3UYuayCKA1U94mMe3B&google_hm=3_hxlKXrTuaKwnG0Mde47nI
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 2088 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEJP3eMfFlvE7A7efyCf2EPE&google_cver=1&google_push=AQvitUJhcndK5BH6XlPdPkEFzvhL9G0_6iRhmgY5xPWBhpmVlEJK3QdzdiyOm95tnZpWg3ZTdctDQXuv6dpZ6SKR8YoeyrTF9Y5J
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 19 May 2021 08:15:03 GMT
pixel
cm.g.doubleclick.net/ Frame 2088
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yLl6dz0-ScmAtxwEvglKYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yLl6dz0-ScmAtxwEvglKYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKe-bRjz-ZhC3VPvuGb9usW-6MXR9am5jr5jh9BSgtY8xT3IjEocjS6k6pJMRGQM9ZiSSITuWF5ADN75HzdHMgvqQgtbn1O
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yLl6dz0-ScmAtxwEvglKYQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKe-bRjz-ZhC3VPvuGb9usW-6MXR9am5jr5jh9BSgtY8xT3IjEocjS6k6pJMRGQM9ZiSSITuWF5ADN75HzdHMgvqQgtbn1O
date
Tue, 18 May 2021 08:15:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2088
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECo-W7Qilr08xpUOYlcaByw&google_cver=1&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9xQts0tDu3Crc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9xQts0tDu3Crc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:03 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUIHyNllQl_UfNqhM5eZOco31CD607TwQFfiiUr87Xh-LG-3urx7ODn680UHmfwSTM7k30s_mcYSmmxcF3S9xQts0tDu3Crc
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
zNyGVblYQc0S40Lloci_LLqFgKMlXIBixjoR1IQwzI3kB3o_f0y4yw==
attr
cm.g.doubleclick.net/pixel/ Frame 2088 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7C1SvUdfG1naMou_RgEI0Iuh_wXVjDUpLpV8Sx7cYruBkWaD9cTb7juatNj8Pr62_pJgQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame C138 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNoIhfBINR0UclyVt5SaW-gWnft6u40hniNirH75AmYX_KNtB_17wm33HuBy2-526mq03Um4xvjVxAaHEGO2UCAp5Ike5-Exk0H8lNbrPfDdgST7eE5_Z_RXDZmQiOniqovOo8SV-gJAgR_Yk9YPxkmjigEFpLMZFRrtcwfMbLVsOZfKSC9gpcBCwjIbghjcSBwmRQDmjMdBCRPE0nonSgnFJan3yGQLogf7X6a9uGrNQUayi-iGvWp50DvQTsmxhLmdSjxMkOZuad0u2l74UL9wArmADVPPl4J_gaLQ&sai=AMfl-YQhjJD10XBvCd4zYuqFlplyo9ZBWCyzSgT9l0YhR8hY1YVH3m16N1sV3AM6zxEdK3Hj7KyaulL9akOWHDKnrHGemG0r8p-CUtfRKq4cuVZ_Lil67-PoH49KNBvSh9Y&sig=Cg0ArKJSzMwTmF8VTo6OEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:03 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6DFD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 242E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E2C8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 360F 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 07:15:29 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1358
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 88AE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ab59b169a1995eeb3698b21b8d156f8951dbba3424ed317d3d7dbb7daf9c2bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 813C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70dd9874f73344c14dd1adbc91155c64a8d625f917aca9ce39dc74412710e86f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame CD28 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.12768977642690027
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6927
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 88AE 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK_U0PTk0vACFWjhuwgdWz0DuA&gqi=hnejYPbCLsmigAf_8JeQAw&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 506C 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 08:07:11 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 360F 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 360F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 360F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 360F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 360F 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame 360F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBZQSSGfPaMQ-vdTIsqINdPawwLOr0_PvBmK9kHJLE1uMwJnSDswJ1KvsL3-yXVmbpZEUX7cqiNzWWA8mebrrugD8_FQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 360F 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 813C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
456181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 13 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 813C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
456212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 13 May 2022 01:31:31 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9566485158260473970/ Frame 360F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9566485158260473970/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
963bf96b53b56dd2ab2a9d9b80b007f515c7cfcc731b72691fd8a28c7ff09047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 09:39:18 GMT
x-content-type-options
nosniff
age
340545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3060
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 10:52:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:39:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3B79 		71 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_optr.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965876cead61784e97f15e149fdf547487a3aba6536dc3b9df5f9164fe7b3305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.zx-adnet.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
24618
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame A5CB 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 07:41:40 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B4CC 		68 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_optr.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0b55d2fa61bad4606e2da7d24220ce9df08aebbd3f60909e34391466c2859fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.zx-adnet.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
24071
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 506C 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 506C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 506C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 506C 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 506C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 506C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9566485158260473970/ Frame 506C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9566485158260473970/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
963bf96b53b56dd2ab2a9d9b80b007f515c7cfcc731b72691fd8a28c7ff09047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 09:39:18 GMT
x-content-type-options
nosniff
age
340545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3060
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 10:52:13 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 09:39:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C394 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aa6u8eQ5nESapLESRP-zLvyp0_lvLZJMCh67gLC31lBoOJTt-xxvKIOQFTZQLILZl24oyKKsnS7TcElQ8M6Qk32PA3etyQavOEEYL9RG_lnEACmjo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C394 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C394 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame C394 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame C394 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2tnMPLmhjEaTA0JcMnRGrFGS77lDpyFEDfRAkEZrSespfw_aOl2pneJTE8SQVL_v4V8cZfxzh38adELY4R1mt3MQZYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F66E 		478 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C394 		61 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcY5H-3U4H70ZuiPBWLNQZfQvxPfVv_qhxS0hqGcpKy6nUgbaZvX5KTYIfJvXYqToXw_ltdOgexIlcItjVBgoZ1OPClWJtYgCloCGd88sEN1MkTAHLENhmiU-pGDahFuNPr3NIPSe5BYKE7Ehpm6MZpPKveA&dbm_d=AKAmf-C3hxxrNiExCntyax__92joBYeNQaCmM4r7I3bW8W6pcQZqCmCSZHzo_ezG7UXxBkqG9d20vi0Sp4wo_hBJX3DAZcL2ofVF1Xm-qBsnSvRILpTg_qD5rhkDPtX0SZ-ZwLB674on_hDic4aqoZWwckpgILINDZVjeCZ9Xa5XGQJAp0MPseYrxoyK1ObIadglj0OtkDDdm1vvCdqgiy_sT968mNGwSmDcdGW8hnaJclqNK6ylIxd8iF1tSPZWdeTaqVogJRJjcn6m2G38DAxNRY5ePKBQMIWzyE_VhMghIG2UMY-n4Q3bJ2y2YHW_Bw1A1qf_ViXxAFZyGgNHGjScP_OguxLvXjCiv84EO5JtdFXYUJ8PhzwxHlVOk9cwWnc_ZgOILrp4k7w-9aTXNPXstTf5DzH1t8IwFkaXu_w2ou4-pG-fXp4PQgDpnVPROXSJqZLaE-wj6ekKlx3bWxXzq_ntJ5o_AfKAyyB8nvudy7rxRZhONEzc9AmH1-R7KgNdNAEWwbVbUsl5wawAB78Ld51vp08GNlmmbT_VQ6YCqsfYBH0Oqbr44pZeQa5sAf1rFSKR_cmd9OszRUZM356CkwCKRkAkOUtTX9ZIFAf6sjGuHSQyHQRhr43FGnFan8NVNO2z4fNXRmJ0GiBqP-STjBb8SKAX5Z7wbLmDyqBv7VLmsJV3rmdO4bkFgM2ZnrTidSIZMVDiScKNv8CkI90uj4Yn0uaqKXIuRn002dINRdWoXwHr-G59fauGJ6dCLm3ypR2ZsB8MOdliGfuuPOe3E5AUefr-wYopmzpAVaVVoUky0ZyzM1EZWg7MA3e8Pluj9E3YZfC1b79dMaX-RrmtjbiLq0-4nvUz6b5XcEJCm8zwJZZ9fT2htbcJY10GbKDO6mkS_QjYyJMG3iu8whq7GHIGPJE-KQG5yu4JJNpUv9XG5-DjRsfgT8V9j1dM-bG8newPXK9Cq7V_-cJCYescFDcBUT3sMsybxJBmMI9pkECzM01dmvQMZ4boRNavNwdZKPXYqcrfiiGVuD8_oPvdoTLjE4YxVKehiXXyE9sfPj73KJbWnISdFRSE7wjR7r7OP5E2aMnAIC5kX02J-uZPnGIqVzDS2dfNeXUYyGDem94g4jEUYPCCFP7m08P0Yw1WkyM8vwSeiWxJBr0gvqXWb_g3PG6rbMIVYOfv7L_DSY03BEb3W6JJe4YSux7CFwpKTCusdPSoGCDRJHldYRuoC4wxtuCt6SPmIpNCROiD_-YIDWwH_9N1ouuQflDvhD0btSG75JrNcTc5GFLA-XIlPr-8-1POmVyIXvvLiUjC92nUzSoIPHm1rpUGS78uAKMvz435dexF8Wdk47wAUBwJsJen986S6agr1l5o51RvbnzddB4graZRa747JDukFWc8RPi8qHAkwLwWmNAIwMJeKK67ac0zduFbhYV74kwmikQe5EZnPrS4FoDkuqFdhE5Gglu49iOyoDPT7HTmjSgLwjgvLgpLD3YrRMXP0WTR1vbMW0yUMagcVqDryhEXRnrdUMs0LN3PKxAkzumzRCoAvVsCFmigh7DgSHOSVD0YCZ3HV0snFmD2JbJWrjVV2Vq_BoJPclbi0aoWBKBmy7y3xOT8zFEHAk7tH5MD26-EQjgFbf4MeG_vQfWmAlBD5Z7BG7zv-qf4DsD9omWJImCvE2u-jLxKbsQ4aN3MMbb5nIxDdFmo9CMBsplkMs_76FWzGM3m8bgtnePvzVkSzhV_-BGyEhTFVuatDM2RX6r7xWcwrRuKMO2akW-LpfsFVO7pgtoTzF9z9qtYXL0oiiqz1exOGOkeTgRamtdo8ie2D0nExUmU_FBWTO4tGPF6r-3jBc2FAt_7azo9rpTfIeTid89GqPjlghVgCLR40Z9p2ODcqYl58DqXRT7KehVEISq0P3MHLNxf8XvJWLnl21aDZg7-1xOzKud0oQAu-uTuv-LNVcVc6BR2LBhijentNizUzaHo_6MnOPWVF5KkStC-hbCnaypotAvXoPdve7Jna3bVAH6HITPbm40JRdm4qwRvgpuHMe5HqSLstH-93k_OYDtVuySo5OBjCAgqQNDgQzITPZEfWE5bt-hKwd1l4ScnRMApVYDprD3bPk72R7BCnQjPTVidi_0cSsiB3I1TKKPaH_um6LrcTafHByin8gJmH2NT_HT8sEKPuOdHkV4jUeO6V3FeCb6jg0OX34Vzd8AQKQpTsLwS6RLusrx6eIiBM0ifWC-EZaMw_T1iTi_zB3zDwncVFffmLdAL8JyzUj0xbfLhMq2sxfxl4G74nMskwzalEDbFAujpLubR7lj2NGRdM1hZYKG0Z9eD1RTfNCwaLth0wxPMKS4DC6x3FNect272yPDZ61dGsP5GHz5qcgNms9zdOvHDI_r5HSdVPxHG5m6ae3IQa6YhoXFmBh81QhQJcKnzgg0BnT5dmAh8RC2UFzRRU_cBA74TBNCqzxT8LHAQ6afF5ffhlYkgF4q3tf62RuuCp0b6zgNAIvR_IQgrPocn7pklGUN60jxnzxoi25JW7oP_XJh1sCh9Qjt_G1Tj4zwTv204TlR5it3AMhgAAG7pVdF3qvKeNNkoozd2OD3EDue1f_Jz0s1pVT14TDhUr-Ns16HmLPxDkpUwhTuCST-INanJ5agLqgDWy4ikRq2c9-qNwO9RSFqjvwEAwVoQh-zhMqNrkMjjifMdz5zMERifIcX5DJGv65gm4wNHwwULiBmP8SP29xkSIvJjDHsSz6-FLmShqa2FYx2BLMlTSOcu50WUDR22NfKLvxQ4IuLmKI5QJ1DHU-DXBZGl-YWYyJZzDoMkxQvWs9aE9whig9cgcK0YmLbRXQ2yfYccTEODS0v0BHBPaM6P_SDoo991gXRQ&cid=CAASEuRonUp8QpN16yYOxEEn4ma_jA&rfl=2%2Chttps%253A%252F%252Fheb.kyhistotechs.com%242%2Chttps%253A%252F%252Fheb.kyhistotechs.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb505cf3491679e74f931fa61710477e9b04840bd13ad9f488b8dd243828f5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24601
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B439 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 03:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 03:57:01 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B439 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 18 May 2021 18:54:40 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A5CB 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame A5CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A5CB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A5CB 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A5CB 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame A5CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7UAQCvESZRc9J2v_qC4NjzRllCXUhnzAADTirW1xueXoSQXFsRm37y0D2n3nLUNUSsK40lm6Tj7ySaysLPUTo91g3cw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame A5CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 31C1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F768 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 360F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ec0fd7a92bcf12844a1d7b33a08ab6da4caed515327055914bd358e559418ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4B30 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1C9B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 506C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d363c72f5ae5b5833876b451c224e68b705bdf605750f6144badf7831020d5a3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		849 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35ba96e4de0c75925ba42554b9950597620516f105053d7aecd090e9971bd254

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		513 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4bbeb8565b9e9a074f2860ef597e83ffc3b9cddc067149c8ac073766b4f23c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0568ee825d193173771eee5d3e706ac72aa3665f5f1eca833ce8e81b00710fdf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		249 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7932799bcfb2c1f396bd2c3bffe04669b99e3b0ee85f4aafd7aa359948efbb9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d50e60cc4ec0622ee92496aac8f5b379f8e12b3efd42babbc08170587b1ff3dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7aae02e5af74362667c062e1383a8d7af176cff1a8b32e0277c510ec800955e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a08583f28c0bd93e5c5e089d0f94c702789a18d01226a6bc160081620dfaca4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a267963e3f1bc576d5bd7cd3a5ddeed81bdc8c21a8a6309b89de7ec84b6036b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98462d59db945be269adf62f3c7c94a1e520071427d1f6844fef50dfad77877f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51e5421450933c22e952bba34eab7f8118861b57af9eeda51391853926f8f454

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9035ed7aeba54c288c3cac35cde13f9234b26b631271cbfa88320a621d7aaf89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0817f40e791a83419938238717cb50aa58eabccbc29ea81f6dd8ca2fcbc4446e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6bd750f32ab3021be54d4d9eb659116655626ba214c9e1691e030c5f0c15668

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33239d4c15a977bffd8cfc0332a1002572bdbcca02898b872d8a58a225ad95b0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		1007 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28ba1d4d759b4620a8fdb82c348980da15acea24bb4740ec24ba24a4daa4d3f8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be8a48c462209c00b275af6a3cdfef62b7271408d5905cd5fbd361a15221a02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		968 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3252d3563fd11ec981f2a551dc4c164ef73ff16e6af1160f88b6c2921ca93d34

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
865f4f14ddbec8af41371750886bac0713ab94b926de9c88dab307cedb0a5e7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		925 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5edf0998558438600bedf6a73c97c138a1a54b9a2012483dc4ee94ec0d66d99a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d3c9d7c11547461b4b4ff3bfea78f815821ba2aff506d6b1a74cebdb540d924

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		915 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8018bf0da1b729ac055953d5adab7ffe6f5d14f1686e1e10f0009ddd75d75fda

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55094037c34c6e4bf2f68dd7ed35c5a558899a187c347ceee02f7552893cf4b0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		735 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ade3cf0beb041f855f83dd286626f7f37c25069e618daf0ce73fe0ebd9313bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		642 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5ef61c9628070fe25335bab7dc60e06ca1eab089e134d5bb12efcc2a8cf88e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		998 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8816c15b716ef5c7c89ecf62baa03b481dfbf740d6b72aca51036102076a66a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		969 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b837c4e176b27195bcf08d3f4dbfccfaefdf9d64cdbc7ab17b2a601aaf66bc32

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B439 		880 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b63e5a1d30da4a0a9f81ab9cef3b48ffcc4f208dcbf088bdc2694398a36b868

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame AE44 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1073
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5A19 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 80E4 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Requested by
Host: bk.jampartizan.com
URL: https://bk.jampartizan.com/adx/1_zxm_optr.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3457b2ffe769d4a9ba8fbea66df15cf02ca83bb96d8fd13cb3e8fc54aab8aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bk.jampartizan.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bk.jampartizan.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 May 2021 08:15:03 GMT
server
cafe
content-length
10161
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A5CB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1f4561f690e761d82007f5668da28aab2e6b5317de2140dd0cbf0af91056c31

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame C394 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 15:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59442
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 May 2021 15:44:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame C394 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcY5H-3U4H70ZuiPBWLNQZfQvxPfVv_qhxS0hqGcpKy6nUgbaZvX5KTYIfJvXYqToXw_ltdOgexIlcItjVBgoZ1OPClWJtYgCloCGd88sEN1MkTAHLENhmiU-pGDahFuNPr3NIPSe5BYKE7Ehpm6MZpPKveA&dbm_d=AKAmf-C3hxxrNiExCntyax__92joBYeNQaCmM4r7I3bW8W6pcQZqCmCSZHzo_ezG7UXxBkqG9d20vi0Sp4wo_hBJX3DAZcL2ofVF1Xm-qBsnSvRILpTg_qD5rhkDPtX0SZ-ZwLB674on_hDic4aqoZWwckpgILINDZVjeCZ9Xa5XGQJAp0MPseYrxoyK1ObIadglj0OtkDDdm1vvCdqgiy_sT968mNGwSmDcdGW8hnaJclqNK6ylIxd8iF1tSPZWdeTaqVogJRJjcn6m2G38DAxNRY5ePKBQMIWzyE_VhMghIG2UMY-n4Q3bJ2y2YHW_Bw1A1qf_ViXxAFZyGgNHGjScP_OguxLvXjCiv84EO5JtdFXYUJ8PhzwxHlVOk9cwWnc_ZgOILrp4k7w-9aTXNPXstTf5DzH1t8IwFkaXu_w2ou4-pG-fXp4PQgDpnVPROXSJqZLaE-wj6ekKlx3bWxXzq_ntJ5o_AfKAyyB8nvudy7rxRZhONEzc9AmH1-R7KgNdNAEWwbVbUsl5wawAB78Ld51vp08GNlmmbT_VQ6YCqsfYBH0Oqbr44pZeQa5sAf1rFSKR_cmd9OszRUZM356CkwCKRkAkOUtTX9ZIFAf6sjGuHSQyHQRhr43FGnFan8NVNO2z4fNXRmJ0GiBqP-STjBb8SKAX5Z7wbLmDyqBv7VLmsJV3rmdO4bkFgM2ZnrTidSIZMVDiScKNv8CkI90uj4Yn0uaqKXIuRn002dINRdWoXwHr-G59fauGJ6dCLm3ypR2ZsB8MOdliGfuuPOe3E5AUefr-wYopmzpAVaVVoUky0ZyzM1EZWg7MA3e8Pluj9E3YZfC1b79dMaX-RrmtjbiLq0-4nvUz6b5XcEJCm8zwJZZ9fT2htbcJY10GbKDO6mkS_QjYyJMG3iu8whq7GHIGPJE-KQG5yu4JJNpUv9XG5-DjRsfgT8V9j1dM-bG8newPXK9Cq7V_-cJCYescFDcBUT3sMsybxJBmMI9pkECzM01dmvQMZ4boRNavNwdZKPXYqcrfiiGVuD8_oPvdoTLjE4YxVKehiXXyE9sfPj73KJbWnISdFRSE7wjR7r7OP5E2aMnAIC5kX02J-uZPnGIqVzDS2dfNeXUYyGDem94g4jEUYPCCFP7m08P0Yw1WkyM8vwSeiWxJBr0gvqXWb_g3PG6rbMIVYOfv7L_DSY03BEb3W6JJe4YSux7CFwpKTCusdPSoGCDRJHldYRuoC4wxtuCt6SPmIpNCROiD_-YIDWwH_9N1ouuQflDvhD0btSG75JrNcTc5GFLA-XIlPr-8-1POmVyIXvvLiUjC92nUzSoIPHm1rpUGS78uAKMvz435dexF8Wdk47wAUBwJsJen986S6agr1l5o51RvbnzddB4graZRa747JDukFWc8RPi8qHAkwLwWmNAIwMJeKK67ac0zduFbhYV74kwmikQe5EZnPrS4FoDkuqFdhE5Gglu49iOyoDPT7HTmjSgLwjgvLgpLD3YrRMXP0WTR1vbMW0yUMagcVqDryhEXRnrdUMs0LN3PKxAkzumzRCoAvVsCFmigh7DgSHOSVD0YCZ3HV0snFmD2JbJWrjVV2Vq_BoJPclbi0aoWBKBmy7y3xOT8zFEHAk7tH5MD26-EQjgFbf4MeG_vQfWmAlBD5Z7BG7zv-qf4DsD9omWJImCvE2u-jLxKbsQ4aN3MMbb5nIxDdFmo9CMBsplkMs_76FWzGM3m8bgtnePvzVkSzhV_-BGyEhTFVuatDM2RX6r7xWcwrRuKMO2akW-LpfsFVO7pgtoTzF9z9qtYXL0oiiqz1exOGOkeTgRamtdo8ie2D0nExUmU_FBWTO4tGPF6r-3jBc2FAt_7azo9rpTfIeTid89GqPjlghVgCLR40Z9p2ODcqYl58DqXRT7KehVEISq0P3MHLNxf8XvJWLnl21aDZg7-1xOzKud0oQAu-uTuv-LNVcVc6BR2LBhijentNizUzaHo_6MnOPWVF5KkStC-hbCnaypotAvXoPdve7Jna3bVAH6HITPbm40JRdm4qwRvgpuHMe5HqSLstH-93k_OYDtVuySo5OBjCAgqQNDgQzITPZEfWE5bt-hKwd1l4ScnRMApVYDprD3bPk72R7BCnQjPTVidi_0cSsiB3I1TKKPaH_um6LrcTafHByin8gJmH2NT_HT8sEKPuOdHkV4jUeO6V3FeCb6jg0OX34Vzd8AQKQpTsLwS6RLusrx6eIiBM0ifWC-EZaMw_T1iTi_zB3zDwncVFffmLdAL8JyzUj0xbfLhMq2sxfxl4G74nMskwzalEDbFAujpLubR7lj2NGRdM1hZYKG0Z9eD1RTfNCwaLth0wxPMKS4DC6x3FNect272yPDZ61dGsP5GHz5qcgNms9zdOvHDI_r5HSdVPxHG5m6ae3IQa6YhoXFmBh81QhQJcKnzgg0BnT5dmAh8RC2UFzRRU_cBA74TBNCqzxT8LHAQ6afF5ffhlYkgF4q3tf62RuuCp0b6zgNAIvR_IQgrPocn7pklGUN60jxnzxoi25JW7oP_XJh1sCh9Qjt_G1Tj4zwTv204TlR5it3AMhgAAG7pVdF3qvKeNNkoozd2OD3EDue1f_Jz0s1pVT14TDhUr-Ns16HmLPxDkpUwhTuCST-INanJ5agLqgDWy4ikRq2c9-qNwO9RSFqjvwEAwVoQh-zhMqNrkMjjifMdz5zMERifIcX5DJGv65gm4wNHwwULiBmP8SP29xkSIvJjDHsSz6-FLmShqa2FYx2BLMlTSOcu50WUDR22NfKLvxQ4IuLmKI5QJ1DHU-DXBZGl-YWYyJZzDoMkxQvWs9aE9whig9cgcK0YmLbRXQ2yfYccTEODS0v0BHBPaM6P_SDoo991gXRQ&cid=CAASEuRonUp8QpN16yYOxEEn4ma_jA&rfl=2%2Chttps%253A%252F%252Fheb.kyhistotechs.com%242%2Chttps%253A%252F%252Fheb.kyhistotechs.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame C394 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcY5H-3U4H70ZuiPBWLNQZfQvxPfVv_qhxS0hqGcpKy6nUgbaZvX5KTYIfJvXYqToXw_ltdOgexIlcItjVBgoZ1OPClWJtYgCloCGd88sEN1MkTAHLENhmiU-pGDahFuNPr3NIPSe5BYKE7Ehpm6MZpPKveA&dbm_d=AKAmf-C3hxxrNiExCntyax__92joBYeNQaCmM4r7I3bW8W6pcQZqCmCSZHzo_ezG7UXxBkqG9d20vi0Sp4wo_hBJX3DAZcL2ofVF1Xm-qBsnSvRILpTg_qD5rhkDPtX0SZ-ZwLB674on_hDic4aqoZWwckpgILINDZVjeCZ9Xa5XGQJAp0MPseYrxoyK1ObIadglj0OtkDDdm1vvCdqgiy_sT968mNGwSmDcdGW8hnaJclqNK6ylIxd8iF1tSPZWdeTaqVogJRJjcn6m2G38DAxNRY5ePKBQMIWzyE_VhMghIG2UMY-n4Q3bJ2y2YHW_Bw1A1qf_ViXxAFZyGgNHGjScP_OguxLvXjCiv84EO5JtdFXYUJ8PhzwxHlVOk9cwWnc_ZgOILrp4k7w-9aTXNPXstTf5DzH1t8IwFkaXu_w2ou4-pG-fXp4PQgDpnVPROXSJqZLaE-wj6ekKlx3bWxXzq_ntJ5o_AfKAyyB8nvudy7rxRZhONEzc9AmH1-R7KgNdNAEWwbVbUsl5wawAB78Ld51vp08GNlmmbT_VQ6YCqsfYBH0Oqbr44pZeQa5sAf1rFSKR_cmd9OszRUZM356CkwCKRkAkOUtTX9ZIFAf6sjGuHSQyHQRhr43FGnFan8NVNO2z4fNXRmJ0GiBqP-STjBb8SKAX5Z7wbLmDyqBv7VLmsJV3rmdO4bkFgM2ZnrTidSIZMVDiScKNv8CkI90uj4Yn0uaqKXIuRn002dINRdWoXwHr-G59fauGJ6dCLm3ypR2ZsB8MOdliGfuuPOe3E5AUefr-wYopmzpAVaVVoUky0ZyzM1EZWg7MA3e8Pluj9E3YZfC1b79dMaX-RrmtjbiLq0-4nvUz6b5XcEJCm8zwJZZ9fT2htbcJY10GbKDO6mkS_QjYyJMG3iu8whq7GHIGPJE-KQG5yu4JJNpUv9XG5-DjRsfgT8V9j1dM-bG8newPXK9Cq7V_-cJCYescFDcBUT3sMsybxJBmMI9pkECzM01dmvQMZ4boRNavNwdZKPXYqcrfiiGVuD8_oPvdoTLjE4YxVKehiXXyE9sfPj73KJbWnISdFRSE7wjR7r7OP5E2aMnAIC5kX02J-uZPnGIqVzDS2dfNeXUYyGDem94g4jEUYPCCFP7m08P0Yw1WkyM8vwSeiWxJBr0gvqXWb_g3PG6rbMIVYOfv7L_DSY03BEb3W6JJe4YSux7CFwpKTCusdPSoGCDRJHldYRuoC4wxtuCt6SPmIpNCROiD_-YIDWwH_9N1ouuQflDvhD0btSG75JrNcTc5GFLA-XIlPr-8-1POmVyIXvvLiUjC92nUzSoIPHm1rpUGS78uAKMvz435dexF8Wdk47wAUBwJsJen986S6agr1l5o51RvbnzddB4graZRa747JDukFWc8RPi8qHAkwLwWmNAIwMJeKK67ac0zduFbhYV74kwmikQe5EZnPrS4FoDkuqFdhE5Gglu49iOyoDPT7HTmjSgLwjgvLgpLD3YrRMXP0WTR1vbMW0yUMagcVqDryhEXRnrdUMs0LN3PKxAkzumzRCoAvVsCFmigh7DgSHOSVD0YCZ3HV0snFmD2JbJWrjVV2Vq_BoJPclbi0aoWBKBmy7y3xOT8zFEHAk7tH5MD26-EQjgFbf4MeG_vQfWmAlBD5Z7BG7zv-qf4DsD9omWJImCvE2u-jLxKbsQ4aN3MMbb5nIxDdFmo9CMBsplkMs_76FWzGM3m8bgtnePvzVkSzhV_-BGyEhTFVuatDM2RX6r7xWcwrRuKMO2akW-LpfsFVO7pgtoTzF9z9qtYXL0oiiqz1exOGOkeTgRamtdo8ie2D0nExUmU_FBWTO4tGPF6r-3jBc2FAt_7azo9rpTfIeTid89GqPjlghVgCLR40Z9p2ODcqYl58DqXRT7KehVEISq0P3MHLNxf8XvJWLnl21aDZg7-1xOzKud0oQAu-uTuv-LNVcVc6BR2LBhijentNizUzaHo_6MnOPWVF5KkStC-hbCnaypotAvXoPdve7Jna3bVAH6HITPbm40JRdm4qwRvgpuHMe5HqSLstH-93k_OYDtVuySo5OBjCAgqQNDgQzITPZEfWE5bt-hKwd1l4ScnRMApVYDprD3bPk72R7BCnQjPTVidi_0cSsiB3I1TKKPaH_um6LrcTafHByin8gJmH2NT_HT8sEKPuOdHkV4jUeO6V3FeCb6jg0OX34Vzd8AQKQpTsLwS6RLusrx6eIiBM0ifWC-EZaMw_T1iTi_zB3zDwncVFffmLdAL8JyzUj0xbfLhMq2sxfxl4G74nMskwzalEDbFAujpLubR7lj2NGRdM1hZYKG0Z9eD1RTfNCwaLth0wxPMKS4DC6x3FNect272yPDZ61dGsP5GHz5qcgNms9zdOvHDI_r5HSdVPxHG5m6ae3IQa6YhoXFmBh81QhQJcKnzgg0BnT5dmAh8RC2UFzRRU_cBA74TBNCqzxT8LHAQ6afF5ffhlYkgF4q3tf62RuuCp0b6zgNAIvR_IQgrPocn7pklGUN60jxnzxoi25JW7oP_XJh1sCh9Qjt_G1Tj4zwTv204TlR5it3AMhgAAG7pVdF3qvKeNNkoozd2OD3EDue1f_Jz0s1pVT14TDhUr-Ns16HmLPxDkpUwhTuCST-INanJ5agLqgDWy4ikRq2c9-qNwO9RSFqjvwEAwVoQh-zhMqNrkMjjifMdz5zMERifIcX5DJGv65gm4wNHwwULiBmP8SP29xkSIvJjDHsSz6-FLmShqa2FYx2BLMlTSOcu50WUDR22NfKLvxQ4IuLmKI5QJ1DHU-DXBZGl-YWYyJZzDoMkxQvWs9aE9whig9cgcK0YmLbRXQ2yfYccTEODS0v0BHBPaM6P_SDoo991gXRQ&cid=CAASEuRonUp8QpN16yYOxEEn4ma_jA&rfl=2%2Chttps%253A%252F%252Fheb.kyhistotechs.com%242%2Chttps%253A%252F%252Fheb.kyhistotechs.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8628
x-xss-protection
0
server
cafe
etag
13108869059872076478
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:14:47 GMT
css
fonts.googleapis.com/ Frame FF40 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 07:07:45 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A5CB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
456181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 13 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A5CB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
456212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 13 May 2022 01:31:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame FF40 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame FF40 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame FF40 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF40 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame FF40 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame FF40 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame E2C8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAdc7TS4sMSZ_pREujI0Tv8&google_cver=1&google_push=AQvitULyLv8CQ0FGplrUtS-ogTVmC7mMkTwz13qZ-LRlgvNaAH85vnY1Qif0VC73RFBDvlNwQ4SE1Z0mxeMsRQMU3fqXDh6sIeqK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame E2C8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYB...
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6513a2b27abfd6b5-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a2024038e0000d6b51e8b9000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
8896
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6513a2b01e61d6b5-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI9faccF4bQ2sUgmSAGCX-5W8Xxye4Du6x-HPEUDR4GBWaylczsGqLso72xXfhV303qRcPzN3O8hpmZ6n0bhcPsKpWyHYBo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2024020c0000d6b5f4912000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
genericusersync.ashx
sync.tidaltv.com/ Frame E2C8
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_f...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_f...
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_fb5-O-3vt6s4z6DGyFkCVLIqpX&s_h=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:d120:1359:acbb:2de6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
server
Apache-Coyote/1.1
content-type
image/gif
x-xss-protection
1; mode=block
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
Apache-Coyote/1.1
location
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEE5eYzCgvnDo_7mp_AUUWro&google_cver=1&google_push=AQvitUJ00fU6jrpo3Qbdt2zwuGoqs4CtvDOynkZ-ZbWLpf6F5H4bZYpQSgG38v9XD7WXXWfHP_fb5-O-3vt6s4z6DGyFkCVLIqpX&s_h=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
google
d5p.de17a.com/cookies/ Frame E2C8 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEIINk8ubwQntC4nMg-_N30A&google_cver=1&google_push=AQvitUI6_QLpG6zNl-jsSglCD1KS1wRqxDADuevzIZEiGTxWNZPApjVtnVwk11op2LpQ5xk9aJHKriFf6yAN5HDgO7V7mi8KETQU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E2C8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHJVa0XOZZX3qihCuv9vaGI&google_cver=1&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU
  • https://rtb.openx.net/sync/dds?google_gid=CAESEHJVa0XOZZX3qihCuv9vaGI&google_cver=1&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q==
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q==...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q==&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIAcrSmDf1LokHxK9idz4ECT6ifnIm0Psi6bNfiZhO_MshCG9KZAEepr65Tyg400G4HnLH3bXdHO0CCrgFiynyUYwCTbGU&google_hm=ShnN0qlByQI44DkpYmtB_Q==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pixel.advertising.com/ups/58202/ Frame E2C8
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4d...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4d...
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4dTVfAMGGyrdVGxy8FWeX_5c4tRNw9eJOtbzKd0Fs9CfzGvw&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUL3o6QzyWT0F4BBqOZmfWFEvXQFG4QALsRNb8TxQK90Y5gGfO4dTVfAMGGyrdVGxy8FWeX_5c4tRNw9eJOtbzKd0Fs9CfzGvw&verify=true
date
Tue, 18 May 2021 08:15:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dot.gif
s0.2mdn.net/ Frame E2C8 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBUjL5xM3ulkQH0GLr2DZ1I&google_cver=1&google_push=AQvitUL3nRXJLtyZEpqon5wzBDhI9UHKuYaYh7FZti4xlCoJsu6vzQeede08tr3FeRXrFXJW5jzK5Q1ow7Qq0b-CtwYw6Wa-HAhRgg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 19 May 2021 08:15:03 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E2C8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBjx47DCRBhpoJxTnqc_NiTYhEa8amCXJLSxEpcLTmIomI_bfk2APbV-E8hYSniNPB1H5EoEc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 1DB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujrW0WBxU9xbyEELDc3ag7lMNO4Pq4254roR4KDjn-ntpg_CI21CUXERExFT3Qe9axxWAHNDQi8lzJD8i7Gs0JiMQ2itBkLV4Az7DYCXHtZcDmojzCVK1vJP1IseP4jsZ1CTjIROZyvPQmtMNbG8P9VL7k9i-dXSmbLVb7-O0HMdQHbPZGbw1Cgb59Q-9JkqexyFsrVe3We-AIWdRpUzS8wuuGh-_k-TwuLHuaOiYsx8dmjX0rBsbEDd7BpvkA-P8a1eUxzGEFTh7aDw8cwQRIEe3ejKjB2MZnaB7IYw&sai=AMfl-YTdRgI85IFXlX_oE6tAyzhl-Ob-RpYSVZhHRLAsoPNPTXF4Wy_q6yMgP5QEmYspXnUTaYgz_qngvso6TVsX68w-tp7PxPf59Mc0n1vNp-aFJx0pm7o9WD9zYCtfboY&sig=Cg0ArKJSzG4psw_Dao0qEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:03 GMT
pixel
cm.g.doubleclick.net/ Frame F66E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F66E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGVi5L71bLCrigOwNDS3XnM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGVi5L71bLCrigOwNDS3XnM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 May 2021 08:15:03 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGVi5L71bLCrigOwNDS3XnM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F66E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKN3h3oOpMZ7r2E2b-XhYgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-RRvdKHFICWrIZ6qe_Hko&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-RRvdKHFICWrIZ6qe_Hko&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiNu7yZATAB&v=APEucNX5EGhUCy0uwWQvubnPOJyXJOYww9zeapMbvnAcOeFnKr4MBabVBSLWJL2_HKWQ7ufaIXm7Qswx-dvEh1JSG4tGKJlzEaip6d1DyN9WkOV8ITx-0hy_NpAMXAGE4okCMK3vaYc_iv51qFwGSbjT9MX70omXnSXoeGZ-Hqyp87AKvIBr03H2Kwt5Z1enp8eLtu_mVl1bYN-oSgUyArsWNjsXzDKaTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 May 2021 08:15:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL-RRvdKHFICWrIZ6qe_Hko&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame B4CC 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 06:15:43 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6DFD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.39499553243325347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6592766407814317453
tpc.googlesyndication.com/simgad/2819139004373338847/ Frame FF40 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2819139004373338847/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3f09cec19910656eb8287171ce37b55e2a48da275ba7e5a64cda046bb71ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:12:18 GMT
x-content-type-options
nosniff
age
172965
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32087
x-xss-protection
0
last-modified
Sun, 09 May 2021 07:59:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 May 2022 08:12:18 GMT
truncated
/ Frame FF40 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 360F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
456181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 13 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 360F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
456212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 13 May 2022 01:31:31 GMT
css
fonts.googleapis.com/ Frame 3B79 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 08:10:41 GMT
server
ESF
date
Tue, 18 May 2021 08:15:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 08:15:03 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 242E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkua2N1DMgS-3od4Ft_XOig5r_st30SNMLqkjFgD0p4wlvkQJaPIyKrErl4n7A; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:03 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 5FCF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXOPTR/ZXOPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.265470030022797
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6927
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 768F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 768F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 768F 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 768F 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame B4CC 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame B4CC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame B4CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4CC 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame B4CC 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame B4CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLJXWKDQKnZLE4OZprB1uU4UmpZNw3o4OXuDBd8gVQSPCZ8advGoeWwfgGJ6RuFaIfOLUzN_molGdaz7XBTTbUyDXGew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame B4CC 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 506C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:32:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
456181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 13 May 2022 01:32:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 506C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:31:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
456212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 13 May 2022 01:31:31 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/2819139004373338847/ Frame B4CC 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2819139004373338847/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e3f09cec19910656eb8287171ce37b55e2a48da275ba7e5a64cda046bb71ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:12:18 GMT
x-content-type-options
nosniff
age
172965
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32087
x-xss-protection
0
last-modified
Sun, 09 May 2021 07:59:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 May 2022 08:12:18 GMT
truncated
/ Frame B4CC 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 3B79 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:12:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 3B79 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7042
x-xss-protection
0
server
cafe
etag
2725110100707361309
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:11:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 3B79 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
96
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B79 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 3B79 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame 3B79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRN5HwPU3BFZ1kl8CgpqwsaxGf9gyiBbHWYEJ3EMXgjBxQ1Zs1BddyS1Vu2p5dtu8Z5E_Snmroz0QubhfQ6O960aLc9WQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a9a8364a2596c42846402f3b38495283.js
www.gstatic.com/mysidia/ Frame 3B79 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9a8364a2596c42846402f3b38495283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:22:03 GMT
server
sffe
age
66530
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sun, 15 Aug 2021 13:46:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4EFA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
google2waycm.netmng.com/cm/ Frame F768 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F768
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitULc3WaW0DIUD_cJPMOI6MyiBgcCB3iuKzdXDQ2sxd0SsdbBzrcvd4KEdy61e9ioMK6OlKI02Ink1YJreLhfIPNgu-hDuw-aPg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYyMDYzMjA1NTIyMzM1NzE2Ng==
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYyMDYzMjA1NTIyMzM1NzE2Ng==&google_tc=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F768 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEksMqQcQaj7CaV0osQ-ZHo&google_cver=1&google_push=AQvitUJSlWTUZKgmt4OJrdflsUhG1Y0nIsUuDqzm1n8Ma5I2OwMxCPlJ6dFCnM3OTnvYJAgdLpYERgEPnrhFnfOeYb2Jg7p2bRy61A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
um.wbtrk.net/doubleclick/user/ Frame F768 		0
0
/
c1.adform.net/serving/cookie/match/ Frame F768
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgdSsPCH...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgd...
35 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgdSsPCH7UGwONYws9PE9iwvgfIeyA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
server
nginx
location
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUKElqUg2VXGbg5qM8CMtkrIBpnI3MskMKYig6ssG_zJAK1-Sf0l5ROkyVjSqsGFmmFCXgdSsPCH7UGwONYws9PE9iwvgfIeyA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ups.analytics.yahoo.com/ups/58281/ Frame F768
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyC...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyC...
0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyCSJhcAva7ndOfplUwkc2Gs2Kfu97g&verify=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 08:15:04 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Tue, 18 May 2021 08:15:03 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUK65NmWCXxDNOZ-TIt5rztL-WXI6F08jDPJQcmpRCOdNY8WaBqqTzsWE7Tb6-_ztgpSyCSJhcAva7ndOfplUwkc2Gs2Kfu97g&verify=true
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame F768 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpIOMLFoRCFFOJBB4nIkWleiVWvaXaGm1oBszXoLfqRd1c3ef4P2QKZR3wxYYcMys
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:03 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame AB47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL9xND6JXqV1fzO4eyP-rdWnf_iCQlvIPc5zbuiWCH5lNNRm7aMA164PVaonI4aXN8_Iizh1eK1XZ217bqOKa3qpQSUU9-TLq_rMDSO1Gj6HkRzAz6m5oqo4kLSrmw-sVeSmx_8X-oS39GLGOD7VHf1KG4k3zEShbFhIZ7ndM_XQoNtsHlxzloyaAfKGWfXyPGlUu5J_ZwAXO4sYr6YKQaL5xrIDidGSWv9AKsmdSK_yweCytIEy-JeEnWjGwRyPXMWqsUG3qykEC7oq73Q0u7fbZ4D9pP8y-uLPLVWw&sai=AMfl-YSclJFItPnd7BmSQ-LU4SY8P5hvMvHY0HT-tvNWxQN9lGZ6Bzup2YwAgj_kIpNMl-8m0QiJcEWT6Fcw-86Te1EcBX5OMrSrFTkqrbS7I79dw2q4KYbsF5wo-XvJVUcv&sig=Cg0ArKJSzCTKbd0qqGP-EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:03 GMT
truncated
/ Frame FF40 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06eaa5fb0d68fefa242f27613d29d89058cd99f42ab7555b1917b55902be0488

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/ Frame E8D3 		301 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa5fd1bded9123db5891c608047cbad0a42263961c9cee5d1b987d17c5db9dcd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/439731349334692011/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 17 May 2021 10:19:38 GMT
expires
Tue, 17 May 2022 10:19:38 GMT
last-modified
Tue, 11 May 2021 20:10:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
72869
age
78925
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view_pixel_1x1.gif
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 768F
Redirect Chain
  • https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-160752-134609-8&mkcid=4&mkevt=2&mpt=226040764&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=542897
  • https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
ebay server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

suppress-x-frame-options
true
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
HIT from include-cache-3:80
akamai-grn
0.b5247e68.1621325704.516690ba
content-length
57
x-xss-protection
1; mode=block
server
ebay server
date
Tue, 18 May 2021 08:15:04 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-credentials
true
rlogid
t6q%60uebwh%3D9whhq%60uebwh*stekt%28rbpv6702-1756a7d5019-0xc0
access-control-allow-headers
*
expires
Wed, 18 May 2022 08:15:04 GMT

Redirect headers

Date
Tue, 18 May 2021 08:15:03 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Location
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
Cache-Control
private,no-cache,no-store
RlogId
t6baubqsodf%3F%3Ckuvgcp%60tqjfc*irtun%28rbpv670%3D-1797e8aebe0-0x235e
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
0
728x090.html
s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/ Frame AC3B 		42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc5231eea7c9966a4f28d774abb3d068e1eb78e91754ea951e737cfb19204a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10094
date
Tue, 18 May 2021 08:15:03 GMT
expires
Wed, 19 May 2021 08:15:03 GMT
cache-control
public, max-age=86400
last-modified
Fri, 16 Apr 2021 08:21:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C394 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGlP4fHF5zG8km1KNpXfgjyoQhCkdLm7ZIJeaxn8xtos1PWzql0lYGezwK97q77eu0nSXLl3rS7q9irSnTnkhbYzK6h9V5SShCLmGoIBRpL1z-sqzAuZnN9-FSARayUZqOvn2exk8lW250O-9A4MffPYG1Lp7nV9PqNwOBycnFEglnUrUnsr2zuOlm2N8v7_hX1mMq_KPZm-Lkx6-mQiMt2GlB3ttbvg5ZdCjrK9YFfnmnnLwQr3NzD3iqjQet2WRD5R5J7_aeqf368sdilnFEH2f9IcsmAKaOlyaVbXQuCZqFS01UJFkf2ePBJX9-zWlFjHhawKEw-rgJ12O5OeKNCmbLaw5V5Ad7G_BUDOl9uBAxF4Dhm1GY3VCGjcqi8uJpBWTSRIb6YgPVzsgQLkqE8DSfmnObsFPLaz1nbP-6RCFfHX1KHzH58gP-q0KlGyq6Kv8Uiz7zm4wY5M51SK__c3pCQQmoFK2L9M9_42tBz2_K7af-laODShr89Zd8XgmaMHh-1KPn0ZSeQZnaNAHHV2jTK04fiMmw_PDo0M1SG_y2euP9ud-Hxyf4_wzzLoYJQBvMhx04DbAuAwUX9JZImzPAiDKkJxZvnV0E3ZikWe6ay40B6TA7ORdDni6LgA1KoMnNikMqcjWK-KdZaza62pZaAqYaAjKXO_ko3HRJbu87Eg0Hu2s4IpeikUx1AerV82sjpisoYTmsz4OzLzfvrUcTQzKjHlvEEnir2pxtb6iHr0qO0n8vJwDBI-mx57ZdRJsybObwcSdg16e2L-UpN_w9eIVI5SyKDitd4YcXlY_rqblgHtTYoLoNQGpwDw1zJlFucsbe1EzgQEA7rpPp9zToCqh8LvwXrG2UjidVFPQGOUzJ7vS0wGeNUdDIA7lX4qsFbp89dwmMRQUO9wUcccZ1MkQ6SB5vFwek2-nAo8hB2PizkOc5Q6wXUjl4mY3tARhktVYeBCXAKzjdlH4_wL2WXJl1cmNf-0SWdKqJ2Pimqtz73Q6Y7cdnNjs2yET-kGTK7P6i_T1RGGPeoaFqsEEzyi0SK6osNUBsYAtcUtC5iCLZ3VVDVtvFJmh2j_5NDqmQcV5kxCkSXjEB9HXCVfRfmppNc4k60uiiJqyxWg3rPuqA8rAdpMPm&sai=AMfl-YRJPYmESX83zaEmQxaYxZY3jTNwm1irG6x7TwBzjopNilCkzAFvP-TTECra0A_Oi2KhNCc55uUA6QL4n54rTYxM1vrGlW99f98gQUJQMZyt7tAnI597vDheZekPdlZhq3Tuh4PWvyJ5TDEFZ4c4Xk3B6E5BsA&sig=Cg0ArKJSzBbvHy-qbELlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&cbvp=1&cstd=228&cisv=r20210511.69961&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 May 2021 08:15:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6592766407814317453
tpc.googlesyndication.com/simgad/17921223159960109825/ Frame 3B79 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17921223159960109825/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebc33c648346d001a11ac36e29d26611997db4f50f33ec8f07ccccf7335a22f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 06:45:59 GMT
x-content-type-options
nosniff
age
264544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36650
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 06:04:37 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 May 2022 06:45:59 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17698399859492210812/ Frame 3B79 		592 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17698399859492210812/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea3b5b93d31234742eced6fa3eadbf918be8493b49638ec70f3e86cd108658a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 10:13:42 GMT
x-content-type-options
nosniff
age
338481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 13:22:51 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 May 2022 10:13:42 GMT
truncated
/ Frame 3B79 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C394 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 05:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10849
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 05:14:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 92B8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18054
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C394 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a629d493094044b6ff1e71172f5322d3cacada786e2f54c39457f0d9634116c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMwqEolHza_BhWHtbKVVauQ&google_cver=1&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN26f-pz_iMoY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN26f-pz_iMoY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 May 2021 08:16:38 GMT
Server
MT3 3736 915c305 master cdg-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIU-U_KP9cZUJsXjk-KC0kr9KPbz0egLrLTSRBRqAovwc9plMoe2274ZtTmtagEyJY_jK0T6-dO-gSKO5QN26f-pz_iMoY
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 18 May 2021 08:16:37 GMT
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6Mx1_LOKyTBdkp
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6Mx1_LOKyTBdkp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5370E4A8E4EB4FAE87C5491831148AD6&google_push=AQvitUKMFw83W_0CcTRjq8nCuHl6B8Uea-600NCnW7jsV8afgTYkyNMvmlmKtZwZ7RD-doWXKPZT43vxSJ5-0-6Mx1_LOKyTBdkp
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 17 May 2021 08:15:04 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1C9B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEksMqQcQaj7CaV0osQ-ZHo&google_cver=1&google_push=AQvitULY3HDNPKvhno8L-toD9Gjn7p-__CurkPaSEi3DP-9rKEIEKtnh56WXxGkhksGQZYxHWVZlV5Z8LTf_43S_A3xYNcJbKvK0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjg...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjgYgVOIF8mH00DiUMv4&google_hm=8qC5p0O0RGePGPwETkLSLXI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjgYgVOIF8mH00DiUMv4&google_hm=8qC5p0O0RGePGPwETkLSLXI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:03 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJVg9kovfTOiDF5abZIh3AdTiMI3puyXN35j5qCfno_jONol0MTgXnvUeVN7cMw8s5hzi575ynTrjgYgVOIF8mH00DiUMv4&google_hm=8qC5p0O0RGePGPwETkLSLXI
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDnGx8aoSUeGire8-5oFZC0&google_cver=1&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDw...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzU0MDg3NDg0ODE3MjE3Nw%3D%3D&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDwsO_D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzU0MDg3NDg0ODE3MjE3Nw%3D%3D&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDwsO_DBN8wpVC2uA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2MzU0MDg3NDg0ODE3MjE3Nw%3D%3D&google_push=AQvitUIhAWF3yp3UIGkgufTEW-506KhNq7yWXBwINSibrSrUAO1TLEdh4budfrrbtNtG-GWJO8DReOZcqJ5uDwsO_DBN8wpVC2uA
Date
Tue, 18 May 2021 08:15:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG7tCY6mWE_TpnTmjsoioac&google_cver=1&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e3P_Hl&google_hm=MTY4OTc2Nzc0NDg3ODY0MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e3P_Hl&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIpgZxuYv4n3a8njucUNUYyItfcOG10VaCKGvUUWezwqhOW1V3OkmwIxxhrP6v9PpHBMknEKL12ZL6OHsQPVfqAY0e3P_Hl&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C9B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKKBaiUCJzl4iEmCPGoGrozAronzNs6c_VS2vWZw_oDb3L30HNaCMM5mnyNziOOhL-IpiN3rvM0tIxEJ3Z18w8Vi4c3Ttk
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 1C9B 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13II5r82l3MKD0KfyxQBtTqbKDw-Mh4AmlPqEIG-oqQaxcTYD__UZJNLGbDRgdkT1yhviuhg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame B439 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 31C1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.5265022439034843
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A763 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYXFPlG65B_sJGX2B_2zwlwKuqvd2ltdvnKwqWRYbzZagasrD8mODyeMzj7n4uuC6bUX044yT-M0lav6LwIuOPJFzwF-_8TCntZN12G2H8MaN27jEB9Q_t8QRX2JCcmtuQRrwgi9Z3A79_vnUcSBa7vWp5uTxnJ9Rfy-UdF3619V6NDLWWmmrQMraSQraW3kUI0IUt6s_zldTEQE4PujGuq2jn6kMGR43tLXHDzyMQFlMW-6r2zC-BKZZCI6uO9lH-5tiGWl52Pq0LDfNYl7u48Xikvnr2Bc473zL3MQ&sai=AMfl-YTqU12SMugPO8QuwA09wNLKQJpw8K75eJEgkA3zAt6OmsTbEzwmRoFQ7OhYGhDJeKjtDb1bZsN7SiIF1EQc7JVkE1l3w8ySei32ng1Psa00pdNL5TVWU1LWGfBITJMj&sig=Cg0ArKJSzHNWrqvxJsj_EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 74A2 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 May 2021 07:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1074
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ED3D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18055
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 768F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a570fa4ff928d98713673e6340c72f7d0f4863d87364fd6b7988501be82dbb6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4B30
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.8823831267634672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google
match.adsrvr.org/track/cmf/ Frame 5A19 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELbZVEsLrxq9bmFN1wxZ2sQ&google_cver=1&google_push=AQvitUK8P1MqFwtmeoOe0Yg_3BsathXVmnIJDkRXUBr_Dyh_7o59-UgqYQRh7FFHgc3C7Rc_UKU2dcLWZRyZSroB-FvOq2b8Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5A19
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDN...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmm...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU&google_hm=YpUMSOiwSROxElifPwrYBw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU&google_hm=YpUMSOiwSROxElifPwrYBw==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUISeMNWeDSNkNcr4nSymOX-2R_PELCuRYfF6nEciIFiflRP95KntsCupov2gdiqvH6Br9hYX0p3oIcZmmzjfsDNUfjTrcU&google_hm=YpUMSOiwSROxElifPwrYBw==
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gg_pixel
sync.adaptv.advertising.com/ Frame 5A19 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEE6Umgf03IRI346TNb7EKsM&google_cver=1&google_push=AQvitUKwvIqg-CIm227UNzxG-jNe6IdymeiNosTUe8u22bvltirr81xvwGVs-sVU3LACg4ce-NO1W-4Eg-wwJqJu52Kzke0qL6k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.9.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
pixel
cm.g.doubleclick.net/ Frame 5A19
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQs...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzMzM2MTE1ODMxNDYzMzcwNQ&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzMzM2MTE1ODMxNDYzMzcwNQ&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQsW2Kvx4SQb0BanUsiXvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEzMzM2MTE1ODMxNDYzMzcwNQ&google_push=AQvitULhUfX8nJt9fs7lJkXYdeD_-GlD9QUxOMcJVFigE_IjGQWlYmLyWnLLLIZWr0Ud2X0Mhc3eMRQsW2Kvx4SQb0BanUsiXvU
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
google
d5p.de17a.com/cookies/ Frame 5A19 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEIINk8ubwQntC4nMg-_N30A&google_cver=1&google_push=AQvitULew7V_1fT5gnJIumHUJBrdJK2rmPNHGr1e7sVWocI_iWN-0kq73Q6r098mIjk_E491S3BISB-AVCBAEo6OkD3sXB5R7hU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 5A19
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWj...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowo...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWjLYep9cAlpYaE3DvDrAg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitUJxxz7mN-LULje9mTAzUnteufvWzvTXfSGhR6RM3UHLtxwc-RV5sTGSsziMMI5SWcIrowoXRBWjLYep9cAlpYaE3DvDrAg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dot.gif
s0.2mdn.net/ Frame 5A19 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBUjL5xM3ulkQH0GLr2DZ1I&google_cver=1&google_push=AQvitUKz6xBx4YQFj1NhKeI2nYauRMsGG0paP8c8FKnUZ9mlrUC6HMu2LS65R-Aa-p7kHj44XJYhDqSCUzzdOWwGgxwHKn6KzUI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 19 May 2021 08:15:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5A19 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKTF6ErcmGHRjc9RiogYhBZzklYHtN1pRZIGya12YMzBrJtDRZKgG6HPJZEt0nLwXb3Eoh7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 94BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVgws3bUAjxjKsCWdT8-CvheRKNf9vjLGK3JF2xDjki3nrFB7wuUYII7ravLQI6BIt9-wHXstC9K64G_cpWle617nR8hY2khcvpgCL4D2J-_H3xBx55g-INa5w6wDAdEYT_Ki7NUxGp0J-HS7AAYGUzoGODAApnAMAEd6Ei70dKon0VvlvOoTq27p7pDjX2WJB0q0Au8K0xOAceC4n1rEieOK5h_1TRpkBa0voiTz20Qqm-4XV1Vm1Uur96KaBnJQjraQxKv_cHqK_YP3Ziuz3-LsLga-oARo1A4r9TA&sai=AMfl-YRufIMZsWUqQk6OcEzSq3-z5Di1UkVLb-_gtWuZhUttiMBSXX4BdtJWWxVQXcAh-9zAEnsbKZmXL420glY7uxnNs--3IB1-pkSPHekVVyZFlINXSsfTOwHp1zcNSXk&sig=Cg0ArKJSzDSlZX0FtLEEEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
truncated
/ Frame B4CC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4297c324d0361ebbee49b25f345249d7b7263d724199593edbe09dda7afb209

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5EF0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18055
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3B79 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
053af0c7b1613944cc6f25bbcea31eebd08b19e0626cb83fd3b581dd906f2640

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 768F 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzM5_Tk0vACFdA04Aodjr0LRA&gqi=h3ejYJfDCM3H7_UP4pCHmAE&layout=/sadbundle/%24csp%253Der3%24/439731349334692011/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AE44
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkcT9Cr2lZ-GSK04VyEskalgomYhgyFm6qUqob4LkNnPopd0QTKtTEPO0OhOiU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame E737 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3565838599&adf=4188749683&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&dt=1568467881274&bpp=42&bdt=21&fdt=44&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=1051177114888&frm=23&ife=1&pv=1&ga_vid=1990525009.1568467881&ga_sid=1568467881&ga_hid=1109394268&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=32&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=654&isw=530&ish=534&ifk=4258374561&scr_x=0&scr_y=0&eid=151527007%2C182984000%2C182984200&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C534&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1044&bc=31&osw_key=1317328505&ifi=1&uci=1.746w5gtp7s5o&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=56&0.4824754091969865
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3B79 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
405575
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3B79 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
186701
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 16 May 2022 04:23:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3B79 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
455492
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 27F0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 18 May 2021 05:14:15 GMT
expires
Wed, 18 May 2022 05:14:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10849
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 80E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:13:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80E4 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 80E4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Jun 2021 08:09:45 GMT
l
www.google.com/ads/measurement/ Frame 80E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOflrNM254_FnoRQ5ft28lY6rFYpYmGNrqO2uwI4wR3TOGJjQde7GanPPhML358IYrpuCqjZMioLqlfi4ga0w8XcQ-ww
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 80E4 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cep18h3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpAFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88cPxqaPMvpxy56q41Fm4BADrIYAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTY1NTA0MTMzNjM2MDI1ODg&sigh=yC55kRqz0Q0&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 18 May 2021 08:15:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 80E4 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hppfq1k4z956wqbmkyr2cjbs331pb48d54e9ttrz4bpwjafqf04816r1g1bb1eqn1xnv3vd3vm1vb2cj46cn3rk50dw0bkzjnxgcn8pdnp89thppjrhmy5rb7a5e28t5httzym9y9vkfr5de3aaxf0ar45nwznthda56bd45d49djrt3gy5m6cgs8vh6wxevykpsqa892cw17s92zw0g2e41vt1ga6hbd1zbkj0yht0g4amfdqejn608m6fkqjdfpqzkd4r2cfs9azcxx18jt9jp619bssy6jwwms7qwbnbh7kd9xxks1zz3k6ggvr6314yb0yg6n6fjnej2mjgsjsd918syrgbmysz65cc8tpvn5k640jhym0sqjpdwevjrr4t6pha&b=YKN3hwAIu2EIu-2vAA0tdPJH5IG6E7lpNEaIZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame EE40 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcb435e2ae3ec1f001d2bf97d02c498ba64c7c85cf58beaa31091a379cd55c5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a202404ac000005dc01b3c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6513a2b44a5205dc-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E405 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 18 May 2021 03:14:09 GMT
expires
Wed, 19 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
18055
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 89B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbtlDmI50brtDmCRSPjMEmnmEF2srt7f6gmx5JrVGDjj-a80pXvhFThajlo1f1wrWO8phoWmuip0MPGmjU9B74dXI5bM5yk0NueUkCILE_83xg8y_PWTZvYtm7S71uY_MwOj7741osF9_LHU9sZrt_8c4BRmqSEh5YSYGFirfSy0ayk5k7a41wrBlJwuLhLB5Vr0WT1BdUnh4aptDNiUg18ioLUgmK81jaUDu-He_mtGl8wXndzDoqOo41qXwbs_dWQgFM-dOCYYlcxVkCQo9rOR_RC383Oq5NayeqsA&sai=AMfl-YR3beR-D-F7rg602J-RzfqcdZp0ZOTAO-4EsQ45CoIFriWLO_VBDt9lAPjlFyL9mJiUUp_ufv24_KotxEiArZxyY2TY4TkewD_sqoxvhzRj2mXqA7Z2pbrih2_y0pw&sig=Cg0ArKJSzOdSiM1_ixshEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E8D3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 03:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 19 May 2021 03:57:01 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E8D3 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/439731349334692011/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 18 May 2021 18:54:40 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame AC3B 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 10:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78003
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 May 2021 10:35:01 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AC3B 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 May 2021 08:15:04 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FF40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
405575
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FF40 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 22:58:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:11:01 GMT
server
sffe
age
378979
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
expires
Fri, 13 May 2022 22:58:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FF40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
186701
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 16 May 2022 04:23:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FF40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
455492
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
truncated
/ Frame 80E4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efc0ac208aeea143432598a93e4fa5c8f90e83aafa4f3954dd349b980858acaa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4EFA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUJX8vSj2--UCGDPMmObO6437KC3sBb2yVJawh7h_cjoGYwTTUt3CSnfn1Wj-YD8-weI8Ehph7ry3bB8fJ29KCjxkud4sQY
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 4EFA 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGT2HT1LNwH_FR8n6_RW8k4&google_cver=1&google_push=AQvitULawhpYxqEQ_7-9d_kGhHyXet4vhgx7aGthxRmF52ua1sSWF4ym8kjIrned-qwE1ICvIy_K0kVD-D3aheNUBrvnhpX626q5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4EFA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7QzNY2vqngXbIHRF6xP5_mzsCetrr_-5Y0MsJrKwWy3O4S4CF0kXor
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:04 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJiVhSOU_wRjPCEcB5uCkeUEeh5FRWU7et-P4kjXK7QzNY2vqngXbIHRF6xP5_mzsCetrr_-5Y0MsJrKwWy3O4S4CF0kXor
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4EFA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMwqEolHza_BhWHtbKVVauQ&google_cver=1&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaK...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k4xgo3eIRgCXNICBO3y6DQ&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaKrZmqhEU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k4xgo3eIRgCXNICBO3y6DQ&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaKrZmqhEU3HDHg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 May 2021 08:16:39 GMT
Server
MT3 3736 915c305 master cdg-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=k4xgo3eIRgCXNICBO3y6DQ&google_push=AQvitUJxzhdr926r-XjBAvQqGWfvaamS-FUMxQ4Wie2p6PNR3hLshUOf6xeXe84GjX-ddKn0fP-8uqGCeqOdYuaKrZmqhEU3HDHg
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 18 May 2021 08:16:38 GMT
pixel
cm.g.doubleclick.net/ Frame 4EFA
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKQqjReZ77KqmmUCBNPNcg&google_cver=1&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSY...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSYUvbi1z1prg0N
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSYUvbi1z1prg0N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitUIEsMkud-doH50pIKxyoR8E8gxEIQn5RNS1Sa1PsQ2pTC25LQuLLJrkQQOkOLbWlRzp3Rr2o7JtXRcI9xSYUvbi1z1prg0N
x-host
tde-deliveryengine-production-64679f65b8-tdzjm
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4EFA
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91Y...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=G3dM55rnNh63wbPz3_Mqpg&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=G3dM55rnNh63wbPz3_Mqpg&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kneoSacFTtc_iEwo8bKTL
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=G3dM55rnNh63wbPz3_Mqpg&google_push=AQvitULew0lPqTahwHFl6YAKajwzXnko_Mkt-cbCjBZ6JOTFQdrOck_isv91YIfDDvP5NkjTfyyCmL3kneoSacFTtc_iEwo8bKTL
Date
Tue, 18 May 2021 08:15:04 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4EFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIKbh50ktGV6lYHHkeqDbM8&google_cver=1&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5vBHUClsx&google_hm=YpUMSOiwSROxElifPwrYBw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5vBHUClsx&google_hm=YpUMSOiwSROxElifPwrYBw==
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUIvwki1qD-RFUonqfXMUQoZRv0fMl2zAgSbgDHupT4a2hJkZaLvV9vylAbk-oRoqThqJqaxtFq2080ieAXCc9U5vBHUClsx&google_hm=YpUMSOiwSROxElifPwrYBw==
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4EFA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0qIhfV8HaIqeak10IAbWbhRbgVjEjMYb_aIpvhsjPN0C57aK0tCMbIgbt3_3OlIVUNvcP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B4CC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
405575
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B4CC 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 22:58:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:11:01 GMT
server
sffe
age
378979
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
expires
Fri, 13 May 2022 22:58:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B4CC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
186701
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 16 May 2022 04:23:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B4CC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
455492
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 92B8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUJVmZv0gDT65MX-uCjD4_0nq8Go1Zn4_-t9b9i-F-elFCwU13n1Ic_DKtxisOTJvNEvJU-4JkEFeHz9Vj65ddLL1Z5ZCOUQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 92B8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hAUejPzH2fx9wh9OuOXC2Chuj2TPSxqiTLCJ8gZF6nrzFVyloajfar8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:04 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a1405953f2666354@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitUJy3Tc4_cX5WyHCdGBsgj0_4tZZQjUejBJGj-A28hAUejPzH2fx9wh9OuOXC2Chuj2TPSxqiTLCJ8gZF6nrzFVyloajfar8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 92B8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEksMqQcQaj7CaV0osQ-ZHo&google_cver=1&google_push=AQvitUIvm4vtYDB6bRo1PEH7-INMuHCgIkL0E8fstsMXzb2fZ33cmg7EJ6WYjSnxG6aQ-xI6rg3Bk7xuSgt4hiz3ZQFfm8FNVvyHZg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 92B8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEFSbn2_DyXgvnSMUnwskn8&google_cver=1&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3e...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3eRAoVzu1FExQTUW5gh&google_hm=8qC5p0O0RGePGPwETkLSLXI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3eRAoVzu1FExQTUW5gh&google_hm=8qC5p0O0RGePGPwETkLSLXI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitULlttaQuM1dhRIDNo-yehA9UdY801Phr6BzPBc1s7bH4ORyATnGxUzS0q31UO4iKZi3mEz11m4Rt3eRAoVzu1FExQTUW5gh&google_hm=8qC5p0O0RGePGPwETkLSLXI
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
d5p.de17a.com/cookies/ Frame 92B8 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEIINk8ubwQntC4nMg-_N30A&google_cver=1&google_push=AQvitUJgBClmMtTbxKYxe1WihfhwCh9mPBo77LacoSVNb0bzSNRwTkcMulIesETuSNfP7jpd8XdsutgTbMr--B_rvu_2zPn38epRKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 92B8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4CxvDHXhBkzsvziWVJ92z6oSJSbKOIbIMF...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4Cxv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4CxvDHXhBkzsvziWVJ92z6oSJSbKOIbIMFGwSg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUKxLKNdRxvgkO5H9H59FMGTAC4DoB_pdWYr_LhsEpk55zmBxRLjX4jI3-UH4CxvDHXhBkzsvziWVJ92z6oSJSbKOIbIMFGwSg
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 92B8
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECkp9KosPiYSiRJoU-yJ6nk&google_cver=1&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrtqDMDkYf2uFdFziaPuriK3P&google_hm=MjQ4OTM0Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrtqDMDkYf2uFdFziaPuriK3P&google_hm=MjQ4OTM0NjU5Njg5MjM4NDQz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUKGl2EQhMtl4jHFpiT0Ra77McTlVfF-WqyqsCV4SNRjmF8sFUBHqjwVT08pH22j0uVjSHdRrtqDMDkYf2uFdFziaPuriK3P&google_hm=MjQ4OTM0NjU5Njg5MjM4NDQz
date
Tue, 18 May 2021 08:15:04 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 92B8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkoxV2WOUbaj8gDOyEsDGuSFNnNlHYdTI4ZHsOKE8G87O0EGFQHwcpG6tYpcJiGp3Hrd4g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZXM/ZXM_OPTR/ZXM_OPTR_ALL&adk=3986104005&adf=4188749583&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&dt=1568467214166&bpp=40&bdt=56&fdt=43&idt=44&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4362668292350&frm=23&ife=1&pv=1&ga_vid=72328882.1568467214&ga_sid=1568467214&ga_hid=1297433595&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=30&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=14&ady=55&biw=558&bih=670&isw=530&ish=550&ifk=1003387987&scr_x=0&scr_y=0&eid=151527007%2C368226200%2C368226210%2C410075106%2C20040010&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C530%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=2329077237&ifi=1&uci=1.io7g1trt9o2f&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=71&0.6912571009005593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 6CE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLKSAome51SJ23nkfl1Bz593Wbppbd3-X4hfBuG4RYstpbsbtGWmEcbQw_2DeWVqlDV1wS6H6y5Y-CMalXiOPIAFHvJSTh6UIUFGErouUJ_Q8nzdh2pzhTV_9yg0VMJK3-6jOPOfI4ioqmD4Q_ERYWxv5gAgZSVXPG9kW3kdso41lTasU63Umr1rfA5VrVWD_FNNpDDcAIm5dvp-_545ZvGy04mdUk2bDO4WpeM8CCcnXOSyMw5Rr5XRhmPnz8c_0cdzN-g41D45rOXIb4VAib-6yh5Go1XzOfQrlULuN_iKuZ&sai=AMfl-YRzqc0Lp0Hf8iU1AZJAiv-n2FBAwDo8r_mdQGP1l-m-wyO0uoE4CutFhspzP7s_0bzzv0uib-atpZ2xL3I73ey04ImvKasrW37EMlbt3q2ZNCfy7OanWrEXbcal2bo&sig=Cg0ArKJSzN9qpwX9iBBuEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
truncated
/ Frame E8D3 		849 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35ba96e4de0c75925ba42554b9950597620516f105053d7aecd090e9971bd254

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		513 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4bbeb8565b9e9a074f2860ef597e83ffc3b9cddc067149c8ac073766b4f23c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0568ee825d193173771eee5d3e706ac72aa3665f5f1eca833ce8e81b00710fdf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		249 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7932799bcfb2c1f396bd2c3bffe04669b99e3b0ee85f4aafd7aa359948efbb9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		167 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d50e60cc4ec0622ee92496aac8f5b379f8e12b3efd42babbc08170587b1ff3dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7aae02e5af74362667c062e1383a8d7af176cff1a8b32e0277c510ec800955e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a08583f28c0bd93e5c5e089d0f94c702789a18d01226a6bc160081620dfaca4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a267963e3f1bc576d5bd7cd3a5ddeed81bdc8c21a8a6309b89de7ec84b6036b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98462d59db945be269adf62f3c7c94a1e520071427d1f6844fef50dfad77877f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51e5421450933c22e952bba34eab7f8118861b57af9eeda51391853926f8f454

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9035ed7aeba54c288c3cac35cde13f9234b26b631271cbfa88320a621d7aaf89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0817f40e791a83419938238717cb50aa58eabccbc29ea81f6dd8ca2fcbc4446e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6bd750f32ab3021be54d4d9eb659116655626ba214c9e1691e030c5f0c15668

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33239d4c15a977bffd8cfc0332a1002572bdbcca02898b872d8a58a225ad95b0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		1007 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28ba1d4d759b4620a8fdb82c348980da15acea24bb4740ec24ba24a4daa4d3f8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be8a48c462209c00b275af6a3cdfef62b7271408d5905cd5fbd361a15221a02

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		968 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3252d3563fd11ec981f2a551dc4c164ef73ff16e6af1160f88b6c2921ca93d34

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
865f4f14ddbec8af41371750886bac0713ab94b926de9c88dab307cedb0a5e7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		925 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5edf0998558438600bedf6a73c97c138a1a54b9a2012483dc4ee94ec0d66d99a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d3c9d7c11547461b4b4ff3bfea78f815821ba2aff506d6b1a74cebdb540d924

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		915 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8018bf0da1b729ac055953d5adab7ffe6f5d14f1686e1e10f0009ddd75d75fda

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55094037c34c6e4bf2f68dd7ed35c5a558899a187c347ceee02f7552893cf4b0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		735 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ade3cf0beb041f855f83dd286626f7f37c25069e618daf0ce73fe0ebd9313bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		642 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5ef61c9628070fe25335bab7dc60e06ca1eab089e134d5bb12efcc2a8cf88e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		998 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8816c15b716ef5c7c89ecf62baa03b481dfbf740d6b72aca51036102076a66a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		969 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b837c4e176b27195bcf08d3f4dbfccfaefdf9d64cdbc7ab17b2a601aaf66bc32

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E8D3 		880 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b63e5a1d30da4a0a9f81ab9cef3b48ffcc4f208dcbf088bdc2694398a36b868

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame C394 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGlP4fHF5zG8km1KNpXfgjyoQhCkdLm7ZIJeaxn8xtos1PWzql0lYGezwK97q77eu0nSXLl3rS7q9irSnTnkhbYzK6h9V5SShCLmGoIBRpL1z-sqzAuZnN9-FSARayUZqOvn2exk8lW250O-9A4MffPYG1Lp7nV9PqNwOBycnFEglnUrUnsr2zuOlm2N8v7_hX1mMq_KPZm-Lkx6-mQiMt2GlB3ttbvg5ZdCjrK9YFfnmnnLwQr3NzD3iqjQet2WRD5R5J7_aeqf368sdilnFEH2f9IcsmAKaOlyaVbXQuCZqFS01UJFkf2ePBJX9-zWlFjHhawKEw-rgJ12O5OeKNCmbLaw5V5Ad7G_BUDOl9uBAxF4Dhm1GY3VCGjcqi8uJpBWTSRIb6YgPVzsgQLkqE8DSfmnObsFPLaz1nbP-6RCFfHX1KHzH58gP-q0KlGyq6Kv8Uiz7zm4wY5M51SK__c3pCQQmoFK2L9M9_42tBz2_K7af-laODShr89Zd8XgmaMHh-1KPn0ZSeQZnaNAHHV2jTK04fiMmw_PDo0M1SG_y2euP9ud-Hxyf4_wzzLoYJQBvMhx04DbAuAwUX9JZImzPAiDKkJxZvnV0E3ZikWe6ay40B6TA7ORdDni6LgA1KoMnNikMqcjWK-KdZaza62pZaAqYaAjKXO_ko3HRJbu87Eg0Hu2s4IpeikUx1AerV82sjpisoYTmsz4OzLzfvrUcTQzKjHlvEEnir2pxtb6iHr0qO0n8vJwDBI-mx57ZdRJsybObwcSdg16e2L-UpN_w9eIVI5SyKDitd4YcXlY_rqblgHtTYoLoNQGpwDw1zJlFucsbe1EzgQEA7rpPp9zToCqh8LvwXrG2UjidVFPQGOUzJ7vS0wGeNUdDIA7lX4qsFbp89dwmMRQUO9wUcccZ1MkQ6SB5vFwek2-nAo8hB2PizkOc5Q6wXUjl4mY3tARhktVYeBCXAKzjdlH4_wL2WXJl1cmNf-0SWdKqJ2Pimqtz73Q6Y7cdnNjs2yET-kGTK7P6i_T1RGGPeoaFqsEEzyi0SK6osNUBsYAtcUtC5iCLZ3VVDVtvFJmh2j_5NDqmQcV5kxCkSXjEB9HXCVfRfmppNc4k60uiiJqyxWg3rPuqA8rAdpMPm&sai=AMfl-YRJPYmESX83zaEmQxaYxZY3jTNwm1irG6x7TwBzjopNilCkzAFvP-TTECra0A_Oi2KhNCc55uUA6QL4n54rTYxM1vrGlW99f98gQUJQMZyt7tAnI597vDheZekPdlZhq3Tuh4PWvyJ5TDEFZ4c4Xk3B6E5BsA&sig=Cg0ArKJSzBbvHy-qbELlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1103&vt=11&dtpt=870&dett=3&cstd=228&cisv=r20210511.69961&adurl=
Requested by
Host: heb.kyhistotechs.com
URL: https://heb.kyhistotechs.com/mlpa-first-screening-method-43225044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame ED3D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGT2HT1LNwH_FR8n6_RW8k4&google_cver=1&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4k...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4kT2OtiTWq5Rl0C6s5EAJK8BomQs4PC_L-jSz4CCBv7F9w&google_hm=YSHq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4kT2OtiTWq5Rl0C6s5EAJK8BomQs4PC_L-jSz4CCBv7F9w&google_hm=YSHqoK65bCOVKCOvVG_qEw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUL7NkgZ3fd90i7m35thYbk9bgMc8bfT5rnbqJZXlLaqWfFx_Mzr4kT2OtiTWq5Rl0C6s5EAJK8BomQs4PC_L-jSz4CCBv7F9w&google_hm=YSHqoK65bCOVKCOvVG_qEw
pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
a.tribalfusion.com/ Frame ED3D 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEEKekV5r34_0QHsZPV8k4r4&google_cver=1&google_push=AQvitUKeigkd187_S4B_9tJrj0vJYmET9iki2nKoRpKXwOJTuScho65Ai8xTfCU9GyELF5yTYXnlkdvSCP8C5B-6lG2F6aCwsFcTcg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKeigkd187_S4B_9tJrj0vJYmET9iki2nKoRpKXwOJTuScho65Ai8xTfCU9GyELF5yTYXnlkdvSCP8C5B-6lG2F6aCwsFcTcg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6513a2b6fa2cd6b5-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a2024065c0000d6b5c3272000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED3D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHazSD7tWC463B2i6GZkymU&google_cver=1&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7bwCuI-kftbExi-
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=877EA6562FD44B23A41CFCE389E14FD9&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=877EA6562FD44B23A41CFCE389E14FD9&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7bwCuI-kftbExi-
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=877EA6562FD44B23A41CFCE389E14FD9&google_push=AQvitULa_-4ANLoPMhaBcMy-dQmIUl_zdEAY2BNnihlPYUWb9UFwTXOVXuqIl69TBjXTLB6ofYkgvizVk6D8k7bwCuI-kftbExi-
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 17 May 2021 08:15:04 GMT
google
match.adsrvr.org/track/cmf/ Frame ED3D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELbZVEsLrxq9bmFN1wxZ2sQ&google_cver=1&google_push=AQvitUL7BcfRjJeC1jfTKJzeHg6yhw-XZok01v4Sc8UvP_wTIh0EtAbeO3uvRROkWUaDsI3AvBnLdFWzs-cjTE74VgQbPEZsr8W-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame ED3D
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qey46monIz8_Padsnir0zg&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qey46monIz8_Padsnir0zg&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRTOFwlUYR-q-1kuNInQi8Gw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=qey46monIz8_Padsnir0zg&google_push=AQvitUJCZQnT4nprfLXlt6itXD0OiIGuniD4ZvaYusXJ8kOJNuMlYIluI6C-7G2xWBaDJleW8UYj8UGRTOFwlUYR-q-1kuNInQi8Gw
Date
Tue, 18 May 2021 08:15:04 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
240
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame ED3D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG7tCY6mWE_TpnTmjsoioac&google_cver=1&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS76Krf5&google_hm=MTY4OTc2Nzc0NDg3ODY0MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS76Krf5&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJVojJsdINBSbcey5HsaMZh3u4-HwxBAj9D1KxVISKruxgcJY5kCCsqoFdsQXyWhaJ9dqFtJpjHZGJHiHa9HSp0oS76Krf5&google_hm=MTY4OTc2Nzc0NDg3ODY0MDc2Mw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED3D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIuytFJh9QaCDWNjNMSUsdU&google_cver=1&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0K...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0KL58GNaBL4y2o1_HINcUdiQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzU4OTE0NTUxODY3MzYwNDU4&google_push=AQvitULQkpp6xx0cOsy4DGof2U8C87qCk_JaiXnXg7bTdvAs6GYcdigs6fS5lacp0D2lDbBjYpserB0KL58GNaBL4y2o1_HINcUdiQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame ED3D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOJNwYEgcu_-9Oz0blp1MYeu8bzYNHgS-HLNkrQQgK89lDnBqNov-gjvxI7SPSV_b-bBWG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 51F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNWKT9MMi_SpatM1QixvG7h6rPJqUqbY3DlAS_WnJDEH2ppPuDP0u-Pgrgx9gnVN93s0pIto-TLGnIeZjUpdP-WKuW3MSRj6htSZ_AviyXoZJBElbDnSLweuEGZ4FpZvsklAr_jZ9ZoMCDNbH2Ewf9Kj3_xlBzvKeQWZ36S3xazJjbVnOYf71-zHEtahF5RBa0O3L5tY-UGyPp3YQCKVOwxai9i6LuTwnHLwTqnFpA5WhqDw-03MfjNjk4Gb3VykZjsdT1Gcy0PQdqSC71UI3oDn6Nx0CZxZ8knJ3ZLw&sai=AMfl-YRbE7-y9JLZpJowZ6H_d1iyST1mG2ny_vKJXJebyI-p8wXz7pT5qJaoN_NiAEQbTPqXOcUAl8zZ63Y7uBYVEruIYiYJnekkGVtKap0emZ1qHRrm5KDnSwjeFsCRQXM&sig=Cg0ArKJSzDhw6lb5AhTnEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 51F5 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6b41f733b1b59fb1f0bc59dd3c702f91bf282d942ebd9ec5cb2ffd71f40780d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7813
x-xss-protection
0
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame A263 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.16516651166812935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
pixel
cm.g.doubleclick.net/ Frame 5EF0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitULOtI1X5RmrVjIUhSRO_ugKmhGOh_4aBqHiQgIz6HJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitULOtI1X5RmrVjIUhSRO_ugKmhGOh_4aBqHiQgIz6HJMajAIGSQep2Z3o84Xj7eynot9_8E9R4Y1dZKCUkuBm1V9x5DggRBJ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:04 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-06dc1c09a183d011e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VkdnTkdhRncxTElVU0E1&google_gid=CAESEI-iVRVV0YWqkBS68CBQPW0&google_cver=1&google_push=AQvitULOtI1X5RmrVjIUhSRO_ugKmhGOh_4aBqHiQgIz6HJMajAIGSQep2Z3o84Xj7eynot9_8E9R4Y1dZKCUkuBm1V9x5DggRBJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EF0
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEIqke6nco0uNf1aX8NW9SYQ&google_cver=1&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=3s_4cCZjnbyGPD163YroYg&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=3s_4cCZjnbyGPD163YroYg&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiGfnUuymGxFHqZPQ6X4oI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=3s_4cCZjnbyGPD163YroYg&google_push=AQvitUKD-5E35fG6ZJxkrz3WdK8hATHeJTzHPyAmxc-YSeJjvL7EK3meqAsik76UhlMfN1bzfMZUcrJiGfnUuymGxFHqZPQ6X4oI
Date
Tue, 18 May 2021 08:15:04 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
google
d5p.de17a.com/cookies/ Frame 5EF0 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEIINk8ubwQntC4nMg-_N30A&google_cver=1&google_push=AQvitUKEYSlvCBTk_2CIK7WYnVw0oLf2K1ncN6Om-lEzpayVpmjHIlRJf9B-aZYQVwpaPpWBn2JrEX6I9GOL7rBFSs2VM0ZSgThf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 5EF0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkaw...
0
0
pixel
cm.g.doubleclick.net/ Frame 5EF0
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEL-nIldCMbZEagTisykwmoQ&google_cver=1&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzc...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNjhkOTc4Mi1iN2IxLTExZWItYWRkNy0wNmE4NzQxMjNjZmE%3D&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNjhkOTc4Mi1iN2IxLTExZWItYWRkNy0wNmE4NzQxMjNjZmE%3D&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 May 2021 08:15:05 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyNjhkOTc4Mi1iN2IxLTExZWItYWRkNy0wNmE4NzQxMjNjZmE%3D&google_push=AQvitUJbw2SrBSR6CqoyItZ7Iov3zP5KFBzi-ew1uCK1sT8dQlWRzcUj3FaiobSzVa1M9mWt82gBBqlB43BGtIJyusELLNd6HQKnsg
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5EF0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDbEm-7e1e-n8Ozolt-ob8Q&google_cver=1&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afmolmoVa9HE5gtApY79...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yRUI1SHRORTJ1RnJhWTEzNkh2S0RsUnJLbEswd0J2Tn5B&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yRUI1SHRORTJ1RnJhWTEzNkh2S0RsUnJLbEswd0J2Tn5B&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afmolmoVa9HE5gtApY79AcpeHfMLcDqhYGha5F3zPjoymD
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 May 2021 08:15:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yRUI1SHRORTJ1RnJhWTEzNkh2S0RsUnJLbEswd0J2Tn5B&google_push=AQvitUJNiWA25wgCSKTOdIqA3cwN74FYBJeGxV8Od1Mp_zDh31N2-2afmolmoVa9HE5gtApY79AcpeHfMLcDqhYGha5F3zPjoymD
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 5EF0 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBUjL5xM3ulkQH0GLr2DZ1I&google_cver=1&google_push=AQvitULj1r57RNX_LRYm-ZMiMkpK08OhxsdFkUZg7ezhYihK6bvcr91yP1spa2W_WoM5K_pWrJvTKPg3OBouc237tG0yFJM96mq14A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 19 May 2021 08:15:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5EF0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lhs6gehRDgDY51LXO2H1kbqkXhviTbXMP-wjqhgBeTY1Emx6YLNd6Nz85hR-SLQNVyP0wfNdev
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 15DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto9f2lymh_nHYi910FudkTGOUBFXXSi96p2QwydVEwhcPYQzHmv3bvHDa4Wz1sRQlu10D4wcZ-WTbaAiuke60ANAAzi5-R1xjF8RvWaleOV5XVqocKuKZOAZklLQ9OU-coaTQE3kLkF6AkShrF1GUhAL3rU7l_nCU190wGcHkJyizoz9x5zO0BR886p0xgJ8cgYEp74YWRYkmC5Zx4UHgoWI-oJV4F4ayCanY1jY5ND6s-wUSeCRQJo_8Kq-GqhqkZo-cVxlCBQZbe3vYYGWRfA8JD2uX2MQeOj4IxLg&sai=AMfl-YTYVAAj0AAQE3VpvRsG8J5uDnztKF1IJ1TA01vcb1HJY_SbStfICBLhWwcqTh8h9o_45lFKVqn6CJF8bytMo0bM8xjxWZGJYRqiU2xXx60FMfayp9meS_lzdOgG3Bw&sig=Cg0ArKJSzMmTO544RLwAEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 17C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2FyF1Qi83-LhFdIoWrVcYrAHUyTYjP9KFvDBRLB95Ot09JmTs6hcMcJpql68xM-6F25nMWC174-r5aqznsat4aZxWBYsV8w1trlTwUPviKfpkF8Ehd6OcJPANF_wqCkz1_JU6jX0u2JNv1ZD-PEkZqzbwnEyVoM5potNqGBmkjasGsv4jeCFFV0obTMlb5KFGSC8LmjFypHwBb6cC1qki2Y-XGoYesN2TV5ud36eh74U5PB8iEXliuYxTapU4EznccLGMPu6oPk0lrRO8E__DxxruDovR0mLJMBeRKQ&sai=AMfl-YSD4IVl4XRmY_57Zg8MBW5oSCwrPLxDu3wk2g-NsXWgdGMRpx6XbBP2i4pSECgSwmzKW87Ax00WgYdN-E3d7Pl3_Oj6r1qrYk6SehSmQBb7LiG_wy4CM4RZs_9h3lpm&sig=Cg0ArKJSzBis8ea5J2hvEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame EE40 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Tue, 18 May 2021 08:15:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4878957
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a202406da00004ac39c9c4000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iy487JhJNH9%2BP5eNciBWllt3TLTj7%2FqF6AIcVygQ3TTKfc9cFwmzU5b4R6lVaJ%2FyH3tXw10d5Whg%2FHsFULhm%2Fm7xE6jBHnGDnFzF%2Fgu9YtUAyEd6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
6513a2b7c8e24ac3-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame EE40 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Tue, 18 May 2021 08:15:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
53374
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a202406e600004ac38a1fe000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FCwuCWl1%2B1mzKcS2gRrNE1dV49PAFQbrT4M6J1Q8iPje8Tz6Z1oXdQoU%2FKsPGqeSHymUdCCzF6bHL4RMISXd214TTSwcws8cxtYvjR9OwB5vzr0T"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
6513a2b7c8e84ac3-FRA
expires
Mon, 17 May 2021 17:25:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 74A2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3550768919&adf=4188749581&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fbusinessanalytics24.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XBGkqE19na34m-c6izFyQ57Xe3EmwXixuwVS1dzrfgpIypYQDWix56u8bCSy3ooiNI11SUszgZT5-kds_Fyj7luhbc7ZN16rg&dt=1570521049387&bpp=156&bdt=109&fdt=307&idt=309&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1100834168564&frm=23&ife=1&pv=1&ga_vid=798669959.1570521050&ga_sid=1570521050&ga_hid=1769138364&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=4&u_java=0&u_h=640&u_w=360&u_ah=640&u_aw=360&u_cd=24&u_nplug=0&u_nmime=0&adx=9&ady=55&biw=360&bih=640&isw=342&ish=520&ifk=1606835433&scr_x=0&scr_y=0&eid=20199336&oid=3&pvsid=1656025453607119&pem=899&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C360%2C0%2C360%2C640%2C342%2C520&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.q8n9kh33p89j&p=https%3A%2F%2Fbusinessanalytics24.com%2F&dtd=398&0.8083921964599525
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkcT9Cr2lZ-GSK04VyEskalgomYhgyFm6qUqob4LkNnPopd0QTKtTEPO0OhOiU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 18-May-2021 09:15:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 May 2021 08:15:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 May 2021 08:15:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame EF14 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3542187154&adf=4188749677&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.7723255574325887
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 5B47 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDOPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.5784339602948412
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 51F5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2A96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttb4n9GWJVSukJvf1dSPvLhzVsBZT5Yw-9dB0C8ALWYFWt9T1XScFOSR_NP-PcRE76MAh_EQ1SxoSfY39zOI78P2FHBe8xzU_5ZV5oFhXIPBU_0KuJ2y2k0Y4aUPkKrT5aZaGra9rpqaIQ4DEHQZ89rS8ugOSwsaA5HTVF66C42h0dXMWhJrFr3ba2mhwk7ybIZAfpr9m8G9P8OKMrDvBR0GT-H0u1TwHOOu1-SIeQHCpbOCFiAN7KAHyFvWTYb6dcdSg9MW352HNIZixVlZxhRv18gWCzmhb-ReimHQ&sai=AMfl-YQMJ6j50w26Fg58W_c7PzavYiey-EKOqFi4qO8o_U9TtL2b-SZVCOHYfNjCN0sSTquYaJP8rTqjKbnEUovyLb1QZkGzckx7hKL7DF1Q8pIgp2FxFaxLgz5OLwNyOqc&sig=Cg0ArKJSzCWJPwzvzbPXEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:04 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E405
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ7zcFfyJRCRbx9nnSYoVZM&google_cver=1&google_push=AQvitUItpHeW-nz-szpu6Ahvtvanf5frj5VHK6qu2aGs84b75VyF1VJKP5VTyvmlihQegIoX15wY7FsXOU3AYbmExvRhxE9Dzg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk5NDQzMTkyMzgwNjczNjExMA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESELRdMF2jxHhl1TmB1_j3RTs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame E405 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGT2HT1LNwH_FR8n6_RW8k4&google_cver=1&google_push=AQvitUKICAsDIIdfKZruQ4vx7cUngkp3COAsdiM9hBGE-sSPtL23aYrKpSjmIgar-3aSC5egFQYk4uNHvOm7JX39RmXzHAYqWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame E405 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAdc7TS4sMSZ_pREujI0Tv8&google_cver=1&google_push=AQvitUJgF_Pmxn5M2J8VUyE5rGydijOToezmia4uyiWpt25698KlToVhdkDlejVKhRNchiOwvLZ4HFy1ngSrMnWmhjhRfPm7kUg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E405
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJKQqjReZ77KqmmUCBNPNcg&google_cver=1&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbpr...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbprQBDe4aG-mdI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbprQBDe4aG-mdI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:04 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zmOjcGesTnmsQHZodryc_A2&google_push=AQvitULVV4J-mW2KthYDpcOooaOR0681h7mj1Ce9Kh0ujUQ5I3ZcjvEF64b9wpq95zUFt902D8YADaj4h3IOWbprQBDe4aG-mdI
x-host
tde-deliveryengine-production-64679f65b8-tdzjm
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame E405
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECo-W7Qilr08xpUOYlcaByw&google_cver=1&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-AATBrX4F1Fs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-AATBrX4F1Fs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 May 2021 08:15:05 GMT
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKnmA86BfFCqQFE6BfpKH4ymcV6mLbNGvxZaA_z3hW74uqlyNZl7hqTksLMZMfUuwf_KZiHxSIf8FsYSVy-AATBrX4F1Fs
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_prkb8q9RvmDRfQVkzYmvfMauwafmQR0HoOFyh2y_swyAFNOOUX2Xg==
pixel
cm.g.doubleclick.net/ Frame E405
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEN5G8umCh2esiZCLqX6j4AU&google_cver=1&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-DyX6Pi6uz0a6VLE0-DJ7FOkZb-MRZ28
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-DyX6Pi6uz0a6VLE0-DJ7FOkZb-MRZ28
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzQzNjI0NzA0MjcxMzY5NTc3&google_push=AQvitUIFKTnZnqJ6tFCfEhcvBhzs0pcCvAdlQgmYUr71NM5UjfEvtdUhrXQgqNXtidl-DyX6Pi6uz0a6VLE0-DJ7FOkZb-MRZ28
date
Tue, 18 May 2021 08:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame E405 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBUjL5xM3ulkQH0GLr2DZ1I&google_cver=1&google_push=AQvitUKNB1QZjEhOXnPIVbsZpuSbWJ1kudWvoAyWpUW_Zr-DiW4Cd6PiscnB2Fb1fwAQEV79JBaXOfYlhjr5f6r3U4OqcroEAbX8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 19 May 2021 08:15:04 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E405 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXj4-xMFFp_5Tf9VyTo6hhPXn7ybBrvu637gDs3eCgXtGRhZwdNE6XxHmjcFveUVRdDixT6w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&slotname=ZDM/ZDM_OPTR&adk=3986629809&adf=4188749580&w=728&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.4480457980886383
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame 27F0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6928
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
FrutigerLTW05-55Roman.woff
s0.2mdn.net/creatives/assets/3807343/ Frame AC3B 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3807343/FrutigerLTW05-55Roman.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4d9197cfd4b9f28300e0652a527c652c0c2b746231a490bd042c04132c0309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:08:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Jul 2020 08:13:39 GMT
server
sffe
age
414
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32429
x-xss-protection
0
expires
Tue, 18 May 2021 08:23:10 GMT
FrutigerLTW05-65Bold.woff
s0.2mdn.net/creatives/assets/3807343/ Frame AC3B 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3807343/FrutigerLTW05-65Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2cae88100e4c402e454488ec7d17eab3d98f569a559596b764716c5503b7fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:08:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Jul 2020 08:13:42 GMT
server
sffe
age
403
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32719
x-xss-protection
0
expires
Tue, 18 May 2021 08:23:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC3B 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
694b5b8898569dfa205608d3931728f67de3a836a3562b0bd91c348ae701dbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4094
x-xss-protection
0
60005582_20210428061624325_728x090_Intro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AC3B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210428061624325_728x090_Intro.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
552f26bb9d4cc90bac2be1b7b5661cd214cd6947646880fc674d750894ae8a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 15:38:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 13:16:24 GMT
server
sffe
age
59788
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28849
x-xss-protection
0
expires
Tue, 18 May 2021 15:38:37 GMT
60005582_20210201070650326_stoerer_tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AC3B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210201070650326_stoerer_tab.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f2f2833f59843f55c545e231d2c2a7f454241e1c55fbcd57e6c648d0f58b1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 14:36:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Feb 2021 15:06:50 GMT
server
sffe
age
63490
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6027
x-xss-protection
0
expires
Tue, 18 May 2021 14:36:55 GMT
60005582_20210205045834056_SAM_S21_Tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AC3B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210205045834056_SAM_S21_Tab.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31396c046ee5e782efdc39d8f0c008c4c5e468b226dde487dcf7b7330ee72fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60605474/20210416012110946/728x090.html?e=69&leftOffset=0&topOffset=0&c=VRQE9stvfA&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 19:41:33 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 12:58:34 GMT
server
sffe
age
45212
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44690
x-xss-protection
0
expires
Tue, 18 May 2021 19:41:33 GMT
postview.gif
portal.o2online.de/nws/img/ Frame AC3B 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119587_99319426_-0&ref=25124645_4307561_291119587_99319426_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Maintal, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 08:15:05 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame E8D3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6929
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EE40 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:05 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3397
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
0a202407c70000beba2db2d000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucgNeMZJqqAgaPgxrEcUeDph1phN3ysPprcStil0ibou39G6t2jtdyOgT50FTKFCkKv2%2B07gcbUoQML9B2Ajrmg%2Betq3TnGTRvMLXnPgeBQcepIycFbumCOLLHT35vLY1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6513a2b93982beba-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AA30 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 18 May 2021 08:12:28 GMT
expires
Wed, 18 May 2022 08:12:28 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
157
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:05 GMT
frame.html
ad4m.at/ Frame 5AF8 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D

Response headers

date
Tue, 18 May 2021 08:15:05 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Tue, 18 May 2021 09:15:05 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2200750
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a202407dd00004ac3c3393000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=knxrDEFo0zq%2Fm3y4MtPCCWnfqbwEX9C9PtSGaMY0%2BRKOuzKnx0lGN%2FVpnqEw0oh%2B3nrea199VII9NR0Zo2PDc2ZAHxpwx7eCGCwt8IqEGdKFGW1u"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6513a2b96ce24ac3-FRA
content-encoding
br
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame C458 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6929
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B340 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsUJx7COP7KdTZ0FEOEnLgFaJqI_zqi1jT711ScA3tYe7EWZh-zo4JoQNjlxW5-Fwjyz1pBdCDWWysE7wuH53kzcdmpojzlR49gvkJQrqZtj2AKH0zsMIzz0tWT91wHqgeDj180ip1eK7kg1Q4x5xgyZtAGSxIpbtt5bF5Vc1oL18BVrGuR2pxxlrYQdVqss600VICubdRbCId1Ogb-QIC-BruCkncCfCfoEXg4mLpSzhwvhG8i8JjKiVwDjzR7hwRhLnaz2wvu1y84tIi-H3-umKm2LXJOLmKNAucVA&sai=AMfl-YQgJHUkqKGZL5FFa53GVudSJ4W0yEoM4BOay4jvGe-Yz4oxtMHehItzOWoZA4v8RsdwSzPId1cYr6FUrVUI3mpJmA1PXd7cKNh_FVeIjBORAT2DrdlCUw2SUalomYY&sig=Cg0ArKJSzNvOvL85BIIUEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 18 May 2021 08:15:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B340 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7622c2db40567eb3bd33a2a915258ab078add034906a1188cea3f4ddbbc1a263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 May 2021 08:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7692
x-xss-protection
0
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame AA30 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6929
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B340 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6550413363602588&plah=heb.kyhistotechs.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 18 May 2021 08:15:05 GMT
frame.html
ad4mat.net/ Frame 986E 		1 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:05 GMT
content-type
text/html
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
3399
cf-request-id
0a2024086b0000beba29285000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ToiiudQG5LUgvI%2F7IygAHdJCwjcz75Mmxg%2Fln6Wk0U5cEA5M7KnU5lxeXpfL%2BklG31LDyHYJFSiLpkLjrTGG4FR6FuruGAC4Yo%2FuQ8Jx4e8naN70HsMV"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6513a2ba49f2beba-FRA
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DF82 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heb.kyhistotechs.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heb.kyhistotechs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 18 May 2021 08:12:28 GMT
expires
Wed, 18 May 2022 08:12:28 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
157
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 27F0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk-YCh3ejYL7aFYGMlQe0na-YAwAAAAA4AeAEAg&bg=!i4iliMzNAAY59bwoOfU7ACkAdvg8Wlz2AwKVwJzi3CThOPDTQWYvWSCyHndnfSjAaO-AehAh1raxyAIAAADKUgAAAD5oAQcKAQbHQNgP-NmyJ7Fs9TGMcg_4y0LpX_JStjfRK39VGwheL7Pk5EVQsSVAUviTiA9m9Kq2FPIYCe-e_Nef1G9Ka0yLI8PBXRRz5nsosjVowDuGL9CnNCQmdomI7DZJGNxiWGTMCjNCEn2JeqkRx0vJJcJdZSAW_OEOarvXNksKQvupx4xSbXVWtkPMpmIO-sfX5qBGYxkw6QxldeJ-6k2V--iLmXe3q9QK-5gKOQlbigQvdHmNZ_zpMuC9CWiAXYpHep0mypOBhzlqpKrtoYzuoU950tuQOCPLZcjZEk3vBZ1NqS24dDjjTUAVrr11-IjCJ5cmIa_DvwZlJZhWaJvAcEwY5nnW0K3umQKO_R8pMbxub5G67hvv_Ve06YohiaKslLUEnD9HvJP3m6QiCU8x5tgObeo4dFgtey-PJ9TF_xK7HUwH9PXavRJmQDG7F4l2iAmblE8KFhwkD2UXr0Jiz1BO2POlKuwHyWBrl2lRwY8WCEqLlZKaCzbGfZ-2FPzknNiYIq6V9I57Apku31hjDhMyEcXMukfn3UCFuFuMalTfuHxuHF1izVy3nO8-nALLTndv0kxJqSp3jNULkn9igg1gPJ3SYrLZ_wLLRsjnBYQIdL37BKGZgnFmlntTU7nc6e1dSp9Ym0i1LWxKz-Wp6bqV8KHELomuQHFmgKPaZWR2zeFAPxIOWbqvDxj0FIj1aNdU_6_oX6PidVZSxJOvpT0ybkjC8dkTUfes0upkb1iiDXxo33oZGTsIWyCCWA5KtU1TjboV7OdOY4amJD42IELDUEgwIfZDSQzPdGSDRNozRZ_1-V7TWmawLc5KVBZ64-qHVGAUnz4YuxOVZHpRzfTHlCtjwtreonYDNLSVvGreTUKyWFenH8ng2eEorpn6xvImxz-38v3R1owPDpJiwDJ4Kxzy85taVv_29F382w_YklFw3gFedLdi1TOcUNXiF1NJBJ5cDYeY4dozCVzLLku2QypKHRMuZlcHYnUY0q7M7agAoZZ9RMuDSJIumbO-bO0xwdOK7O6Sd0fV3IdX2cfZcm70XFAyzWYFH_E5SEijpB-s7pGVEtVkt7Cde595D-26pJb-5bxsujzdMzYhwhZIWgzcTxQwd9WMn_TgPtO3UNR4vroc1i8Fb-mbJD5OmB-1DiFSmBrqzfL5wqNduXdbIb0FCYzzH7d0HtnFyEB49RCRHkkG9qz_66U7s_PO1dv12qK1dkqL
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
pagead2.googlesyndication.com/bg/ Frame DF82 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 06:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 09:28:00 GMT
server
sffe
age
6929
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 18 May 2022 06:19:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=586743059668196&bg=!_f6l_rrNAAY59bwoOfU7ACkAdvg8WvRRWlaP6SlPlauQugbVQzBKMf4LiPHdNMP2tPkgi_fr7qDQRwIAAADAUgAAABZoAQcKALt4m7s3psM4DisASiPsGmh88DRHmt1Ogl61DPRp_mdULjVgjEmF0QjxVeG4lGvQHkdUDQ1aZ2HCR7u_X50RQW_BMl88P7GMgtSjHQ8p1qF1JbwZv7vdQh6mvAYlBkC7fbIIa8bwPr2Ra9yAXstBFhMEmDCoDDFpS-1eDo5BqqW8qZy9rwqsUZkgWah1zvWWeqZ1OWvkDaH8ycebFdIW7SDAuosiIc-FKj6BfIwQchcGTW-_R05TiRcn0_QxmQJq5I30Qp7hrnEhsrkdZAjhyOr7uPEAcSdxEPbe474fqT7YqtmfBfI1t4Lhzc68LrkuqxAIzmTWa-aTf6zBTWaccv8CeiiICT1K0fq_vFD0QDWNXwvqChkqbKQvgmVkCFf7fn6As2Hhnmcs7j0Vhu2yIYU3FUzxYeM3s83ZVJG01JhWQ43m6cP4yYx0TEJ1rGHWfLpL3TSHwNZgth1P_S2mtvhp_JhvXhk9bYIjNqt3t1sFnEiBAD697gtYd22o-I_-xILtu-O5vfm0Cs3xrsb-i2xLCcCOAF1FjZfTtTyvJS4GsgQGsCUtg0wyeEYYlZmsWZgjz7jv0xBpA7DQmBg9NIFoHxb4SMZdBAAN-M3BF59G2V_2URA9-f78TX5dL5tmiEkVFCZ1yTLyidZDDsUUAlXficszmXvqFwBIuQw6rj04KDU8XIQ8XMRAKDKZnvvKkqIY3djAREE3moRB_17WsByy-BFCawQDS7kdKjh6itxYHpGskjNbXEAU1-a2UfMa-eV7idnrTyTtauC7ldYbGbzVP7-nfeOJy3PMIEvYhu6JLpAuGbDWprvWr7UL7ZFGcKfQPDTOGUaDc0rXo5LXl9lr7M-W-nVy71A9d8Dn2JAUoWWObhvDcyi2uKmX_hzh_P4MA1LrknkJ0yx4ij0v_CrBYig0N4tePjl_J7B9VNjRYNhOi_3D80R7_E3o5wsZG2kCY80qkymVEz_soRs8oKalXvNNOpshqmSaL9AfWAy8nlHQxh98IK5CQhD1O6pDw4L8UlAl6BjkaYqgFVJXQ3I7LMCYUwSBT20EofW-SmKQAaTHjIr7oErz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B340 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=112025938682166&bg=!y8ilyIzNAAY59bwoOfU7ACkAdvg8WhLd3oIJPK40o-H9epXClU5F2RNbTxOr4yD_TX9eMtMkFWixswIAAABpUgAAAAVoAQcKAFjliwvNjo9LNk4rxB71Uq_ntBLWA0OvvqK3vtgRHf0TtJji00VNBv10Vx4Bx7FieB3EDCp9l9IF8uoddrGuuR7QTuHhFwPk7-XZtQpmroSwd0oRVhBiG9yOmQJpgk6jw0dzHff5SdZ5ZjSnVX8XugKo4g3qrWxLlPb0tjIh6B0PegUOu10-Hzj-lhLDFKr62Wi5OKoAKYULLHV5lKyEBhe0Az7GSZq1IjCXLeoqNqpNOZT93DIQAoAXmp1uA481N-dCkKaI4AOj5cnfGjU_StqP0VZsNEUguX1bAeu9FHm3n3qL_x7qDMLnIKHcrjYLXdlqIDPP_82BDt3N9oh1dD0_BPv9hgwCRia7msBh1BitZxfgBh_SCky47dM6e95__FsQrhcCRDRgHZBmdFdjII_fY1ESWc-lEyO5W60RJ6YDiA9XXeQO_nP6IF5NkTTAJK_q_EbIYheETRhbRJej3udS2S48Jqi8YWrguoQ6dn7bQo63QmTXLjBK0u6W5oJpX6GFUbYEphmCsC6lH5hnTXXPKFT29AVjKzrlFQ8omKzD-T59-UStFwon0wJIy-cLQpMcY_a-ISuQ3-6XMXhiv5fTRgpOvBFMGsWrQcfup5-kZ8SMK-CALadhrs_vLSltPwODazWWhs4V5Zyn-zpteJzXifD7XBnZMGmCHCOKoUiWipU8e1cML0iXqf94fiD7liTe0PUHU4AwqUhrDP1qv61kmLXaypBvKoiokE_l_qgn_EiIks4Sda5l5ETcC4Q5gBZiL4p6BTHeCibpfLRpyDxJI0db_FzCiYZG0MFmmiK526JRzyBUfWCvo9joaQo0igkZ9Yk-LhQ5QKPHDhCgY2-jtDGQ3F4jEGD0RYH9br7U-9kHUsMvVSRv7dKnBoqOVNJUM_yIx0-AapgnRxCfB3PgkxdmFhRfF_99-zL4DMOFPIK14Wk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heb.kyhistotechs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame EE40 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f834938a28d10533c9798367ad21c9640c75fb18c2d4b5d44e599e2e76e14c0

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kzysvt9ny959cnnd6880jm07hr661jyeqa6egfw5r76nh6y33sb664zfwbas6629mfp1nga6crgq6te22wb5mm4m5xez9bzfz8k8hfpbg8gvp0xez47tjbs22ysbr724fx928g3kn01f6dadgx1ck55zrhmkd9wnyteam98891032s1r7rt2gegnq19617jy4se5306bkdaaxyjmc6jccavycpm7bxk56hpm4st6g1af1eryjx7rn9w1vfpf92gsj72x2vee7gsjz7524p6qdpk3a3j80akfezj4qveqjt3qgvbtwyv81h71gh6y2kmj2wp37n2tph1g8xp44a9myrczsnma30md08g4m6we8h9w91cn45sn4zm8jzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%26client%3Dca-pub-6550413363602588%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 May 2021 08:15:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-v23g
cf-request-id
0a2024111700004ac3f20f2000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tvA618DBv55sKqmjM7pJDaequit%2FSmfR%2BuTZJlr9aEXTMqJFIFssbj1K8igHQ4%2FBSf%2F2UDyUzJme9Dwa7JmZuTkq2Sf%2FwwroZjJZI3Borx6TO0pG"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
6513a2c82a4a4ac3-FRA
rar
as.ad4m.at/ad/ Frame BCE5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe8797ad1dfded0b324152a2308b95c1c77d16b38d4325d6cf64c4facf01652
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:07 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a20241132000005dc4a813000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6513a2c84f4f05dc-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.5/one-ad/ Frame BCE5 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.5/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6eb2eeb98d7863e83999538cf81b884b389af4236e217f80eb7e6e75bc0113c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
66156
cf-polished
origSize=60655
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a2024115300004ac3899ba000000001
cf-ray
6513a2c88b814ac3-FRA
expires
Tue, 18 May 2021 09:15:07 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame BCE5 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5354
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UxOw4oNXwikwUfiTkChJrYWQtGY8orw3fcfTM11QasuRqBvlBfhs6xXhJwbh86lUMk-yy7iywKzvHN3658inXCGp-vNhA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a20241155000005dc0732a000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xTGZG%2F5c3yjPg92BD95a%2Fh%2Botlo7kVrCwj2Pwip7aCwwqjTrVQmwbZMwr4iL3rEw%2FM2c%2FXQG%2FIDthir59t7Rr6%2F9zrQAGnEhyo0a%2BdNfToZ6VPzVSToRRN6fMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6513a2c88fe305dc-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame BCE5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
107529
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a20241155000005dc540c2000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lx75GxvQwIf4I5oxCiU8b1EgBIIwiTzilTAId8XheH33yjb7%2F2jLsde%2BY4CyZIS5leAebALBqwyM3dLrAIvVnfhWvT2UrI5tJIiIlCSBczhLSH7Sd6mEG18mAw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6513a2c88fe705dc-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame BCE5 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:07 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame BCE5 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1082579
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a20241155000005dc432ed000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n8k6k0oT3pUWNncMBHVVwNRuGOPeZiJvXxv5Aurgl2mrKroH8%2BadYDpK9XgPSmADmUZuqjGAXMWffV6GUrh7Hbs376ti2Lk04RjsiC%2B6JSi%2F1MEACfOCefwn%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6513a2c88fe805dc-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame BCE5 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
388047
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UzUZIcCBFc2yRHVskFkCHgIz-FjGHX-yNU58TQRA1v2Vn4M_mR1Clqu4zD4eYe2DHYymBnsXa-fC2xIXXhTEY44ynzw5g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a20241155000005dcf2330000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lwX6VCqMDZdfjJ8wJd2AoJ2juYlY7RH0gycwznHE9k8Trt0tVUbUZNh2G%2BtwPULw14xiTdjLD57PJ%2F1vV59%2Bu%2Fakom0B3BlM0HiNvF7KY5cjONnyFOqdKjMRjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6513a2c88fe905dc-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame BCE5 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:07 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame BCE5 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2161371
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a20241156000005dcf195e000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r9zWjK%2BBqvyOdZoxDJuVXs7fOwCeZjZl0RzJBougwGR4720%2BhnnR%2FYKBHK3nKgbgc0wpZILw3ONkJ5dWAV%2F8161KyvlQTyyMkRpEMJhFbkxgfsYBOVXJqjWTwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6513a2c88fed05dc-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame BCE5 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Tue, 18 May 2021 08:15:07 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2200661
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a20241156000005dc20062000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r4WbQ860fukAOqlUhtl0uueW4ttfalZH9sIdjBEmo6YeuMsGbvFB0foedg%2F09UZC4ZCXHc%2FmQ%2BTsW8hPUxwbAtuEZlrGbiE%2FLQmJMrq8CGYlVxHmmT17hdNu%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Wed, 19 May 2021 08:15:07 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6513a2c88fef05dc-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame BCE5 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
8eac4e298303cbb4eaf1431e14e4bfe541d0d102e6aa836f6e1f58947b355b6e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:07 GMT
Last-Modified
Tue, 18 May 2021 08:15:07 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame BCE5 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-108.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 07:59:27 GMT
via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
942
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
evjkmwV33zarbk7xKdDCE12h-_uEjfUVM9kmbGbDk60RCCSEWS-OqA==
hit
diapi.webgains.com/2.0/ Frame BCE5 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xx0dNOTodf_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI0YXxI_FeAiwgAwdbwBjl7pp0iJ3A0KFgBFY5BNlr91xU..CR_&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221621325707%22%2C%22%22%2C%22%22%2C%22%22%2C%221776845707%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=9fdcdbf976ad734ae020d6b5ad28f48c&userIP=82.102.18.114&doAffectv=1&wgtime=1621325707
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 18 May 2021 08:15:08 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame BCE5 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidBJEUgfPfmx4sxH6H3t9t6k9ubteTmgoneid__asuid1xbr_sLLUORazAncEeRoMqhsxJ3ZysUpasuid__adf_Netmix_Reach13_DC&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=&g=8653cbfd637a6a4185711fbbda1987da%2F2833487289957753473&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20d52w6nmp4zev19a2zdctmtknmrxdzsr4ba6wsk22cnfqt544tg9k8j5hsfxqpex3jdxk48z1k3swa3v0hdvt2rh8qej4kjknctkf1htwcnsdj429bxkn9pfsfgp2mrnm2c080yafd1zt05sf8vv3g7hj3sv1efh12t38ay9q7z7dzpne17hterdarjjgh14eh5q2q8e6bps54g2am0cbdc3gtes28t5213nw8pzwh7mb1r86r5f30w1q8np%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC1Hobh3ejYOH2Iq_b7_UP9Nq0gAyQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTY1NTA0MTMzNjM2MDI1ODigAcKu6N0DyAEJqQJmilcHtGi0PqgDAaoEpwFP0L3syixJP5euXTIjdbHvKvT6xUGECOBKCK7b4CNvnxBjgNkXTK4XgO7WxVfIJO77c04te-3u1H-6-Y1iAyc2WJNoPyzREhFXFXGNGle9iEcYyIRB1ViK7qPJ2w9lsQkse0hCkGJMjjCTaYY9LH7iFekNQMBrPJdfq88lfVgUQ6Dj3nX1QhgJRJA0jCEjGyW88YHzpDEbaxsyLy3wQoPxlvLSNVXqwIAGmdrQ9-vzsveAAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1U_HW1cHQHwJjA1HrojNmF-URmrQ%2526client%253Dca-pub-6550413363602588%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 May 2021 08:15:08 GMT
Last-Modified
Tue, 18 May 2021 08:15:08 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame BCE5 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xx0dNTdISQ_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI0YXxI_FeAiwgAwdbwEMsZPuVr914VecL57GY5BNv_0TjV.EZH
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 18 May 2021 08:15:08 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 18 May 2021 08:15:08 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame BCE5 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 May 2021 08:15:09 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame BCE5 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-108.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 00:55:02 GMT
via
1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
45922
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
lc3HhNYSc401jVgPkCi3ODLf2MgWwSAExUDfHnDo4M3ZXDkadA4Saw==
tag
w-it.m-t.io/ Frame BCE5 		18 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1621325708914
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:15:08 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
500998d74fb2f8fd0ea02e6fb359305d
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame BCE5 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16213257078628_756c40b836&programId=12607&expiry=1776845707&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
925c58ce0b5c4bbe29eb6fef9b9373ad
server
Google Frontend
date
Tue, 18 May 2021 08:15:08 GMT
content-length
0
content-type
application/javascript;charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8D3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=1299.0000&a1=https&f1=layout_html&s1=0&d1=10.0000&a2=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F439731349334692011%2Findex.html%23t%3D13520258186041798016%26p%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net&a3=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Fapi%2Fexitapi-impl.js&s3=682.1600&d3=7.2100&a4=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Faddata.js&s4=682.2750&d4=8.7100&a5=https%3A%2F%2Fpagead2.googlesyndication.com%2Fbg%2FVUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js&s5=1297.1950&d5=6.5900&a6=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F439731349334692011%2Findex.html&f6=Custom_layout&s6=-1&d6=-1&i=521081404298&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F439731349334692011%2Findex.html&gqi=h3ejYJfDCM3H7_UP4pCHmAE&qqi=CMzM5_Tk0vACFdA04Aodjr0LRA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_rn09OTS8AIVAUblCh20zgszEAAYACCC_a0vQhMI8vDQ9OTS8AIV0OG7CB056AI8;met=1;&timestamp=1621325715107;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C394 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_rn09OTS8AIVAUblCh20zgszEAAYACCC_a0vQhMI8vDQ9OTS8AIV0OG7CB056AI8;met=1;&timestamp=1621325715107;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 08:15:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEKnlASaV_FmrRlHEkkg6MeY&google_cver=1&google_push=AQvitUJbqNRGpA27Cd1fPu9dI2plCte9xDd_4DCWAhVKL1z-FiA0evb1BTiLvGtBD9f8WUlg7WtMXei_Cr1pGLZqB7YljdjzzN9-6w
Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEAyNTGKisrjSw60dDPJPYpE&google_cver=1&google_push=AQvitULkuRpYOwat2Zou_o7W1gZW8tvAFmNdsKX22olL30GZ287EkxTCRLmNDHEeqGxkYTAbs9ke1yZOYanaSj63vEpuemDO6XAM
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKN3h3oOpMZ7r2E2b_XhYgAABGYAAAIB&google_push=AQvitUKSR0bW0oVOuscm3FixBGsepL8U3gy4T2-kICqZhHf7MDM2p1vGoagl64r6l8btXSs9A3-XQafDIhSbsBqkawELhinX1VU&google_cver=1&google_gid=CAESEDkFWODB8AnLJETCpqfyAHQ

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _0x6726 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule number| nmprd string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| t object| e object| __ZXCONSENT function| $ function| jQuery function| ym object| Sk object| _0x7df8 number| mrwrk object| MpRd function| setImmediate function| clearImmediate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| Ya object| yaCounter56316286 string| google_user_agent_client_hint string| surl number| zxCheckAbs number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| ZxConsentCheckStatus number| ZxTimerConsensDelay object| regeneratorRuntime function| __in-stream-ad-init object| TransalteData number| flgError number| flgError429 object| result object| res1 string| didomiCountry object| didomiGeoRegulations object| didomiOnReady string| _CSS object| didomiRemoteConfig function| initClickadillaVAST object| $jscomp function| $jscomp$lookupPolyfilledValue object| webpackJsonpDidomi object| Didomi object| didomiEventListeners object| dataLayer function| __tcfapi object| didomiState object| ZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 object| googletag string| zx_network_prefix string| zx_ad_slot_default object| adx_dfp_bloks string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| url1 string| url2 string| url3 string| zx_ad_place number| zx_ad_width number| zx_ad_height string| zx_ad_slot string| zx_ad_id string| ins_targets number| cw number| ch object| tt98 string| txt98 string| txt99 string| stl98 string| BannerSize function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_global_correlator object| google_prev_clients object| google_jobrunner function| getCs object| google_image_requests object| ed

5 Cookies

Domain/Path Name / Value
.kyhistotechs.com/ Name: euconsent-v2
Value: CPGYqs8PGYqs8AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.kyhistotechs.com/ Name: _ym_isad
Value: 2
.kyhistotechs.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTc5N2U4YWUtMmM2MC02MzUwLTg0NDktZDk3YzIxNDA4ZDRiIiwiY3JlYXRlZCI6IjIwMjEtMDUtMThUMDg6MTU6MDEuOTUwWiIsInVwZGF0ZWQiOiIyMDIxLTA1LTE4VDA4OjE1OjAxLjk1MFoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.kyhistotechs.com/ Name: _ym_d
Value: 1621325702
.kyhistotechs.com/ Name: _ym_uid
Value: 1621325702468357304

42 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->v2 optr->dfp->overlay,consent,abs
console-api error URL: https://lib1.biz/code/gm2wkzjzga5ha3ddf42a(Line 167)
Message:
Error: Browser is not suitable for subscriptions
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan version 2.1.2
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan run tag spots
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan init spot [object Object]
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
%c [AdManager] - color:cyan init spot [object Object]
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx->start full check gdpr
console-api log URL: https://script.clickadilla.com/in-stream-ad-admanager/build.js(Line 1)
Message:
Instream for AdManager. Version: 0.0025619029336105825
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zx -> DE
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zxnt -> START GDPR
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zxnt->cmp-> onReady
console-api log URL: https://cdn.zx-adnet.com/adx/optr_19071801.js(Line 3)
Message:
zxnt native v.1.1
console-api log (Line 14)
Message:
v1.2 sfr zx ad 728|90
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 14)
Message:
v1.2 sfr zx ad 728|90
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 16)
Message:
adx | w=728 h=90
console-api log (Line 18)
Message:
start adx mx| test site cost
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 17)
Message:
v2 sfr zxm ad 728|90
console-api log (Line 14)
Message:
v1.2 sfr zx ad 728|90
console-api log (Line 14)
Message:
adx | w=728 h=90
console-api log (Line 16)
Message:
start adx | test site cost
console-api log (Line 14)
Message:
v1.2 sfr zx ad 728|90
console-api log URL: https://cdn.zx-adnet.com/adx/1_optr.html(Line 13)
Message:
err|not Hh&Ww|change default->728x90
console-api log URL: https://cdn.zx-adnet.com/adx/1_optr.html(Line 13)
Message:
err|not Hh&Ww|change default->728x90
console-api log URL: https://cdn.zx-adnet.com/adx/1_optr.html(Line 13)
Message:
err|not Hh&Ww|change default->728x90
console-api log URL: https://cdn.zx-adnet.com/adx/1_optr.html(Line 13)
Message:
err|not Hh&Ww|change default->728x90
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18a8b67c322b52a236a3c2010bac844d.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ad4m.at
ad4mat.net
ade.googlesyndication.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bk.jampartizan.com
c1.adform.net
cdn.zx-adnet.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
d5p.de17a.com
dclk-match.dotomi.com
diapi.webgains.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geolocation.onetrust.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heb.kyhistotechs.com
i.kyhistotechs.com
image6.pubmatic.com
js.wpushsdk.com
kyhistotechs.com
lib1.biz
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.clickadilla.com
secureir.ebaystatic.com
securepubads.g.doubleclick.net
site2text-2021.web.app
ssbsync.smartadserver.com
static-de.ad4mat.net
storage.googleapis.com
sync.adaptv.advertising.com
sync.mathtag.com
sync.tidaltv.com
tpc.googlesyndication.com
track.webgains.com
tracking.m6r.eu
translate.googleapis.com
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
w-it.m-t.io
www.awin1.com
www.ebayadservices.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
um.wbtrk.net
104.111.237.88
104.111.239.217
104.21.6.58
13.224.95.108
13.224.95.123
13.248.242.197
142.250.181.226
142.250.186.130
142.250.186.162
143.198.248.128
151.101.1.195
159.253.128.183
172.217.18.98
172.67.154.248
18.158.81.184
18.159.187.109
18.197.47.23
184.30.25.27
185.29.135.226
185.64.189.115
185.86.138.132
2.18.234.21
2001:678:cb4:bbbb::11
205.185.216.42
209.140.149.182
213.155.156.183
213.174.135.24
213.174.135.25
2600:1901:0:76b9::
2606:4700:10::6814:b944
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2606:4700::6812:d05
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2010
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2013
2a02:6b8::1:119
2a02:fa8:8806:16::1400
2a05:d018:24:b001:d120:1359:acbb:2de6
3.126.56.137
35.186.193.173
35.186.253.211
35.190.0.66
37.157.4.24
46.236.13.147
46.4.91.20
52.28.196.155
52.73.9.252
54.72.18.9
66.155.71.149
81.29.72.47
82.113.101.132
85.114.159.93
88.212.201.216
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041f60a715023fb438203d995ce5cb286f2daf7ab2f52f356ae85671250ddd28
052acd6af31f6777b169b29949258dc0d5e1de797239b9747c9a4c2a67201b24
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
053af0c7b1613944cc6f25bbcea31eebd08b19e0626cb83fd3b581dd906f2640
0568ee825d193173771eee5d3e706ac72aa3665f5f1eca833ce8e81b00710fdf
06eaa5fb0d68fefa242f27613d29d89058cd99f42ab7555b1917b55902be0488
0817f40e791a83419938238717cb50aa58eabccbc29ea81f6dd8ca2fcbc4446e
0850cd2d325ed644fc1706d5384f7a6421d63040a385b8b896ead672fe2fc30a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0ff321dd07d1fa16419c1de4b6de65c7c4ada2f835bebd3afe15cde9f23696
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11bb17ebca96d704d9f3deb9e97360ef1cd8cddbf855ae78c1e9007d37b37932
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
154723fafe7db172b71796e6352d76efaa9defdfc4678dad1c5aaba001cfc19d
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17ef0d07a33c84e6db0934329318518a6e48f6216e9439fd39b3b08b28bc6df4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1962ac6bfdd8486f77bcaaa869de3fd216400776e05cec99912000b20d1673fd
19d48b97b2d882e67430673bc6f45669a21669cdc7bba6d06446b5af3e40ab03
1a267963e3f1bc576d5bd7cd3a5ddeed81bdc8c21a8a6309b89de7ec84b6036b
1b71997d309df85c7af9202460017796d871fe8d3d669c2fc04111faaf319cf0
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
22befba6435a573d830a45ae193866b3bc3506872de5d91ed538b4563119ddb9
22c834e7d2b7f490fe09912af417180c58bb5594ae3ad263c823dbaf6204abf0
246adef29fe1329a53847079c91950a159407881774e15b5d5df2e8cb276534c
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
277c897ff7cebee9d7caee6da53dee9f527e7c91eaa3c5efa13786396153c517
28ba1d4d759b4620a8fdb82c348980da15acea24bb4740ec24ba24a4daa4d3f8
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2a570fa4ff928d98713673e6340c72f7d0f4863d87364fd6b7988501be82dbb6
2be8a48c462209c00b275af6a3cdfef62b7271408d5905cd5fbd361a15221a02
2d3c9d7c11547461b4b4ff3bfea78f815821ba2aff506d6b1a74cebdb540d924
2db09ce486409eba9eb631b70e3f13faf885c7c110c0aaab314d5bbfab660b4c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f0028cdd04bb9ba31bfec09efc169f090e03a97108da41bf7a305a26d52cab3
31396c046ee5e782efdc39d8f0c008c4c5e468b226dde487dcf7b7330ee72fad
3252d3563fd11ec981f2a551dc4c164ef73ff16e6af1160f88b6c2921ca93d34
32e257edc51d8da882af136c78e1395e1dbd72d3960923e2174ec1caf1ae19c3
33239d4c15a977bffd8cfc0332a1002572bdbcca02898b872d8a58a225ad95b0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35ba96e4de0c75925ba42554b9950597620516f105053d7aecd090e9971bd254
36cabc986091bcbd968af2321f30dcb7470f5471f6fce0d59f06bf8707dc7241
3ab669953a886b842980a1da01edee0d309890c89ea56a55a929de7df37c1c87
3db9a71ec980a39f134883ecc67767ad0061e735f7d459a58d23094928c730ff
3f834938a28d10533c9798367ad21c9640c75fb18c2d4b5d44e599e2e76e14c0
41af6c5e62646dea6e8b864eeaf3710f560977e0a0060c2945e4842b742760ce
426ca72f90df53edd7703504b2b77cf1f3a68a5b00bf9c594c7164614dba632e
43de677a727214f1316a11a5a0ceb87241b37df2d68a684777f995d324f00952
454699456953c6819fcc254f7d2e8e2fce2a2553f2dc54b2b90b0faa7e13ecc5
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
469f732297918fe6a441bc173a8a1f9a169e270528b3f24d4e98132047c708e0
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
498d014cfd917c4d67abfd729667985349392e8caa47798b0053397f7534daac
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
4bfbe90df75b370438ad25150e701108c1d6bb27003add53d2f0be9e42b194ab
4e61f59487c2f8e3462591408a9231e5b0e0494967ec9456c2e15b1f820669e4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51347e5b4036f4ff0a92ba97e5daef833e73439c5a3ff34e530179da33082cc0
51e5421450933c22e952bba34eab7f8118861b57af9eeda51391853926f8f454
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55094037c34c6e4bf2f68dd7ed35c5a558899a187c347ceee02f7552893cf4b0
552f26bb9d4cc90bac2be1b7b5661cd214cd6947646880fc674d750894ae8a32
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
5562db3a39e64cde5387cd8dc85784020cdab66d6a87f08a3cad33513ca752bb
558795619af915dc7470934d5fca01759bfa95ed7bed2d815cf75f7ca29b9913
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a08583f28c0bd93e5c5e089d0f94c702789a18d01226a6bc160081620dfaca4
5c47b56794c209923e8d5bbfe7950ccead211b951ab0916f09c9479ea7d2a1ae
5e3f09cec19910656eb8287171ce37b55e2a48da275ba7e5a64cda046bb71ce9
5edf0998558438600bedf6a73c97c138a1a54b9a2012483dc4ee94ec0d66d99a
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
604fb8a7f630dfc2b87a4de32832606ff5e24aef8ba8eb8501ef1d6c932e9707
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
618e2e1617cd3d9be3cd35cf8c2b3d87db8fe38756e8c5272de5ee44a59fbd7a
629a967236cf340cab6a08aa47f6442776b199ba7cc480b8f701bdd1418afc26
6416bd733614c6a7e0d7daf177d9e4ba1e3849d368a55562c0881f9ff0d241d2
65d0e5055eae8835ec4305039482c8c2655e27b25ba8aaacfc7e23e4e171722c
6681f5cdc1c80bd350bb424cbbaab1210aa6e78d8d3c161b17fc736596351edf
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
694b5b8898569dfa205608d3931728f67de3a836a3562b0bd91c348ae701dbae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ade3cf0beb041f855f83dd286626f7f37c25069e618daf0ce73fe0ebd9313bf
6b63e5a1d30da4a0a9f81ab9cef3b48ffcc4f208dcbf088bdc2694398a36b868
70dd9874f73344c14dd1adbc91155c64a8d625f917aca9ce39dc74412710e86f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
751acc5ff4010a37b057d56675ff9012607c3941b2463a83f045b2fbddc500e2
7622c2db40567eb3bd33a2a915258ab078add034906a1188cea3f4ddbbc1a263
766ac668c71292100c2d78f30c5a09932eaee1b2d8b19de53f533f55a81c7943
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7932799bcfb2c1f396bd2c3bffe04669b99e3b0ee85f4aafd7aa359948efbb9a
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7f2f2833f59843f55c545e231d2c2a7f454241e1c55fbcd57e6c648d0f58b1c1
8018bf0da1b729ac055953d5adab7ffe6f5d14f1686e1e10f0009ddd75d75fda
8294fbba07851fe7c83b3ba5171277264661be758f50fb285e75b06e6ebee42a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8425ec91b95544dadd5b1e7b12e664dba83bcf76e6515673c21dc0d5d67290ae
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
865f4f14ddbec8af41371750886bac0713ab94b926de9c88dab307cedb0a5e7e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eac4e298303cbb4eaf1431e14e4bfe541d0d102e6aa836f6e1f58947b355b6e
9035ed7aeba54c288c3cac35cde13f9234b26b631271cbfa88320a621d7aaf89
90767fabd53fe6949c8e19f3ab9d3da69cfc52c7bbfafe42739ed14c2e837920
91d1623076be1a2861200391ceb79b7cd2cfe5e74dbfeb65ec083702f9e6644b
963bf96b53b56dd2ab2a9d9b80b007f515c7cfcc731b72691fd8a28c7ff09047
965876cead61784e97f15e149fdf547487a3aba6536dc3b9df5f9164fe7b3305
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
969a527d6d4111bea817546cbfb2afcb7b794950324c376b1d55ae360fbf8ef8
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
98462d59db945be269adf62f3c7c94a1e520071427d1f6844fef50dfad77877f
997a5aba7b2ec41a919243bbb8a77c2a20e308a0cac93372973ba1bf104b7f0b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a629d493094044b6ff1e71172f5322d3cacada786e2f54c39457f0d9634116c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab59b169a1995eeb3698b21b8d156f8951dbba3424ed317d3d7dbb7daf9c2bc
9ae7fbe3d1925e4fd61007b31080c8ed6883235b1b45e7cec0bae6f7e4926266
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9ec0fd7a92bcf12844a1d7b33a08ab6da4caed515327055914bd358e559418ad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53978fc8501d6156b7d2af156ba213ad0e57fd2cdb86e28e9cfa20c7e77a4b0
a53fe9364b05a9197587bcf2658008865dc55c5e2d645e6c50ecb209b7d0c80d
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
aa5fd1bded9123db5891c608047cbad0a42263961c9cee5d1b987d17c5db9dcd
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
af06bb0e1811f993c30fdc79a65ba026cf7978954f245a9876948c0d4931c854
afea91831fc0b1a4d198a45ea27d2a8aaa98c15daa86b9673a318794932705f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b159c7bbc17d80e5d1cf04ca0f5c67e40d586018deb9bd91076ffe78bfe2d484
b2cae88100e4c402e454488ec7d17eab3d98f569a559596b764716c5503b7fa1
b35dac6b95460ca052f5d38f3c34a5b6e511caba02d463a0c9e8e83a96c99b18
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b551990c8c74572879cda1acb611b41538978b865ba0b6c6a06bd3096c4d6f91
b837c4e176b27195bcf08d3f4dbfccfaefdf9d64cdbc7ab17b2a601aaf66bc32
b8816c15b716ef5c7c89ecf62baa03b481dfbf740d6b72aca51036102076a66a
b9133adb19edb051db38b256b5d53b87e47a26e35be94350aab4e438442cf6c2
ba2cd69e925b0573ddbd75261986dc5900abdb6093c5dd745d2cb05099aac436
bb505cf3491679e74f931fa61710477e9b04840bd13ad9f488b8dd243828f5ce
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c15708daf03622bb1bb165a413144e8772e11a42c99e1de8fdd559aa03f2d71d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6bd750f32ab3021be54d4d9eb659116655626ba214c9e1691e030c5f0c15668
c6eb2eeb98d7863e83999538cf81b884b389af4236e217f80eb7e6e75bc0113c
c7cb091349aaf7ec3613dc2c8ef682ddf9ccdb5ff5f119770ca05a356d109603
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb350fa1039c2de6df2716ebfc061414f0ac1571bf493480b3023d14825d2bfb
cbcb435e2ae3ec1f001d2bf97d02c498ba64c7c85cf58beaa31091a379cd55c5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cca20ec2dc84b8bc818358b39fa128e739b5078e80a21d0fcd82852a57aabfc8
cebc33c648346d001a11ac36e29d26611997db4f50f33ec8f07ccccf7335a22f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe8797ad1dfded0b324152a2308b95c1c77d16b38d4325d6cf64c4facf01652
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d17adaaabf3ba39770ae3d30bc54f04fd0499787cc9dbe27ea94fcda79dab1cd
d3457b2ffe769d4a9ba8fbea66df15cf02ca83bb96d8fd13cb3e8fc54aab8aa7
d363c72f5ae5b5833876b451c224e68b705bdf605750f6144badf7831020d5a3
d4297c324d0361ebbee49b25f345249d7b7263d724199593edbe09dda7afb209
d4bbeb8565b9e9a074f2860ef597e83ffc3b9cddc067149c8ac073766b4f23c0
d50e60cc4ec0622ee92496aac8f5b379f8e12b3efd42babbc08170587b1ff3dc
d603ae90f176e2ce9379ff90bce1fd6109faa73157b0964c885ad95ef9a09892
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d68a718d6ed924d01a6eb2d4ac4b312f67946332eb1cfc62c1bb3dd7635fa6cf
d6af989fa3d7c58ba4661e8a709d955d586f0af1af6f7079b5396f4743a1f7e6
d7aae02e5af74362667c062e1383a8d7af176cff1a8b32e0277c510ec800955e
d7b13e2fe36a875b5906c49bc5330711916ea2f4173c4ffa8d2a01059815f020
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
df2e0daf3d1a8b8f5239f4814a214631795660a2d104705bf7a27822243a4818
df36bed7ac88363df08505fdfdfefc4a6a08055a2f548bf4fcccb92175ba4b9d
e0a62f9f000e19c2a048e9741681fc00e3e689cefde0b56aa950aad94104620d
e0b55d2fa61bad4606e2da7d24220ce9df08aebbd3f60909e34391466c2859fd
e2087ec4b5d946c42725372e1e1b9423f315ba3751aa02a6babdeca6dada78d8
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea1999fe16cc8dfea42316a2474ff33727e239a57028c2cb505bb8accf40bb89
ea3b5b93d31234742eced6fa3eadbf918be8493b49638ec70f3e86cd108658a3
ea410717102dfd3fda1d1e0e72ae8edc23da61ff25f36aa6a9caaae25d9b104d
ebc5231eea7c9966a4f28d774abb3d068e1eb78e91754ea951e737cfb19204a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc0ac208aeea143432598a93e4fa5c8f90e83aafa4f3954dd349b980858acaa
efd5192a828050605b052fec591f8b0015cb1b594a546a3a2df4c9648eb4a1dc
f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7
f1a2dd12c618ca2bc0edb51349864f5f2edae68f8b9e8064d97da2bff458e6e1
f1f4561f690e761d82007f5668da28aab2e6b5317de2140dd0cbf0af91056c31
f2137138f48eaa86b3d2317e81d7ba6a1d3e49d54a83319069fcd47513e7f13e
f2b63a6e0f232a5bcbd831be980d236de19bc8b1b65bc047bb05601dc4248c0c
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f440b8bc11f9ad357e3a0ffe7686e6c1db5debac618d633958d043a76337e401
f447ccc0903fd8acfb81382eb38bef521e9b93ab7effb55f35e1e33f89820eb1
f4a2584ceddd13df99b7a25479eddf74349ede781b09cece1979bc26a4713fda
f504ccb6c20e2bd16e5d8f01f673b3d454bbfc8f9767c029967c293f4ee723a8
f5ef61c9628070fe25335bab7dc60e06ca1eab089e134d5bb12efcc2a8cf88e8
f6b41f733b1b59fb1f0bc59dd3c702f91bf282d942ebd9ec5cb2ffd71f40780d
f87e2c64ec4e379f05f14f83bb0ad9c454672f03adbdafa64fe7bc53f8aa4a69
f95992e8c53a5714fd94faa9f5680657f30821230bf2f352237b099d50bd1da5
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ff4d9197cfd4b9f28300e0652a527c652c0c2b746231a490bd042c04132c0309